Hybrid cloud environments provide enterprises with diverse resources to run different workloads depending on the Cloud Service Customer (CSC) needs. On one hand, enterprises can quickly use innovative services, deploy Internet applications, and provide optimal performance through public clouds. At the same time, the security and reliability of the private cloud can be used to run core applications in the local data center. Therefore, hybrid clouds are becoming an essential form of enterprise cloud model that allows the best of both worlds approach.
The hybrid deployment forms a diverse connected ecosystem. Data and applications flowing between clouds pose new security challenges as each cloud platform is proprietary and managed independently by Cloud Service Providers (CSPs) such as AWS, Microsoft, and Google. To successfully secure this unique and complex landscape, the enterprise should develop and employ cross-cloud security capabilities in these four areas: perimeter, transmission, storage, and management security.
This presentation describes the applicability of the CSA Cloud Controls Matrix (CCM) to the hybrid cloud.