Hybrid IT: Minimizing the need to choose while maximizing monitoring capabilities
- By Paul Parker
- Oct 26, 2018
There is a common belief that having many choices is a good thing -- but is it really? In his book, The Paradox of Choice – Why More is Less, author Barry Schwartz wrote, “Learning to choose is hard. Learning to choose well is harder. And learning to choose well in a world of unlimited possibilities is harder still.”
This is the uncomfortable position that many government IT professionals find themselves in, particularly in a world dominated by cloud services. Choosing which providers to use -- let alone whether to choose a public or private cloud approach in the first place -- can be paralyzing and confusing. In fact, 65 percent of respondents to a SolarWinds IT Trends Report stated that their agencies use up to three cloud providers.
Many agencies have embraced a hybrid IT model. Yes, they still have to choose which cloud providers to use and which applications to move offsite. But they can enjoy the best of both worlds: the cost and efficiency benefits of cloud services, with the security that typically accompanies keeping critical infrastructure in-house.
Still, effectively overseeing a hybrid IT environment poses significant challenges, particularly in regard to monitoring and security. Hybrid IT infrastructures can be amazingly complex and difficult to monitor, and there’s no guarantee that data will remain secure as it moves between clouds. However, there are two key strategies that can help government IT professionals gain control and improve the security of their hybrid IT operations.
Expand the visibility horizon
Responsible and accountable IT managers may be accustomed to having unfettered authority over all aspects of their networks, but a hybrid IT environment often requires sharing those duties with cloud providers. This requires a level of trust that may make some administrators uncomfortable. For example, they should trust that their provider is doing what it can to fix problems with a slow application. But it may often be difficult to know if that’s true.
Plus, as packets pass between private and public clouds (and vice versa), there may be blind spots where administrators lose track of those packets. That can be nerve-wracking for security-conscious network administrators.
While many administrators have become highly adept at monitoring what is happening within their networks, a hybrid approach can require that they expand their horizons to see what is taking place beyond their own borders. Adopting network monitoring strategies and solutions can help administrators see what’s occurring with their information as it moves on-premise, in the cloud and in between. They can shine a light on data packets as they move down those dark pathways and quickly identify and respond to application problems wherever they may reside.
Automate and virtualize security to proactively respond to threats
Being able to enforce security policies and ensure compliance across hybrid IT networks is another top security challenge. Agencies must ensure that their security protocols are being enforced across their networks and that data moving between private and public clouds is protected under those blanket policies. Policies must be automatically enforced as incidents arise, and administrators must be confident that any policies they make in-house are updated, applied and enforced across the entire spectrum of their hybrid IT networks.
Employing automation to immediately address and remediate potential threats is also important. Hybrid IT networks can potentially include hundreds of applications, and threat vectors are continuously evolving. This combination of factors can make manually managing hybrid IT networks nearly impossible. Automated monitoring and response can help identify and mitigate issues in minutes, rather than hours or days, minimizing risk and greatly reducing system downtime.
Agencies should also consider replacing legacy hardware systems, including firewalls, with next-generation virtualization solutions. Virtual firewalls can be far more scalable than traditional hardware and can be automatically deployed and configured. They can also help improve security responses and threat mitigation across the entire hybrid network. These updates be done in a piecemeal fashion, making it easier -- and more budget-friendly -- to manage the progression from legacy solutions to network modernization.
Although adopting a hybrid IT approach relieves administrators from having to choose between private or public clouds, an abundance of decisions remain. Administrators must commit to their cloud providers and decide which applications to keep on-premise, for example.
Fortunately, those choices don’t have to come at the expense of end-to-end network management and security. Both of those can be well within reach, even in a hybrid IT world.
Paul Parker is chief technologist – Federal and National Government, SolarWinds.