Security in the hybrid cloud
Security in and of the cloud are two aspects that do not differ between the private and public clouds. In a hybrid model, cloud operators would review what is offered from a security standpoint. To a certain extent, security in a hybrid model can be enforced more when leveraging the private part, but additional threats can be observed with insecure API endpoints, data leaks, or missing encryption at rest and in transit. In the OpenStack world, cloud operators should think of the security of the private cloud, whereas security in the cloud is the task of the user. Following a security discipline would not differ from pure private or public clouds when dealing with a hybrid cloud environment. Starting with the principle of zero-trust, cloud architects should take security as a core principle at the earliest stage when designing a hybrid environment, in the same way as building a private cloud. In a hybrid setup, more components are involved in the security...
