
2016: The year of application layer security in public clouds

The cloud continues to be a significant force in enterprise computing and technology adoption. Enterprises that have adopted cloud have slashed capital expenses, increased agility, centralised information management, and scaled their businesses quickly.

Our State of the Cloud Survey estimates that 93 per cent of respondents are adopting cloud – 88 per cent are using public cloud, 63 per cent using private cloud, and 58 per cent using both.

With resources spread across providers, regions, and technologies in this hyper-connected environment, most enterprises will likely never commit completely to one cloud model, provider or technology.

No IT pro is rushing to re-architect systems and applications to match a single cloud vendor. Furthermore, no enterprise IT team will risk their careers by committing to a single infrastructure vendor. In fact, enterprises cannot forsake existing datacentres to move entirely to cloud-based everything. But the concept of an on-premise datacentre is changing. Most enterprises are transforming legacy datacentres into true private cloud environments.

Every enterprise is already hybrid

The hybrid cloud is the most logical-sounding answer to the quandaries of the capital expense of existing hardware, the need for cloud agility, the fear of vendor lock-in, and the market mandates set when competitors publicly commit to cloud.

Other than a few all-cloud startups and all-hardware laggards, the majority of enterprises are already 'hybrid'. But the definition of the term 'hybrid' continues to be hotly debated in cloud computing.

Hybrid can mean a blend of on-premise and in-cloud computing, a mix of private cloud and public cloud, or a network spread across regions or datacentres. 'Hybrid' can even mean a shared space between partners, customers, and departments.

In 2016, none of that 'hybrid' will matter

A huge shift in cloud computing will finally come when end applications - from accounting software to website servers - just work. No one will care about the underlying hardware, middleware or even the device connecting to the applications.

'Hybrid Cloud' will mean cloud computing resources are interoperable with all technologies, hardware, providers, and geographies. Developers of the world will be free to build applications without any thought to the underlying architecture.

Security focus shifts from the datacentre to just the data

As data platforms modernise, security will evolve as well. No longer will organisations just build massive walls around a corporate datacentre to keep out all potential attackers.

Once hardware and software are virtualised, they become part of the fabric of shared resources connected to the public internet. Private cloud owners will see the value of public cloud security procedures and can avoid repeating security missteps.

2016 will be the year for datacentres to adopt additional security that boosts existing network and physical security infrastructure.

Previously, internal data and systems were completely vulnerable to malicious 'east-west' traffic. If a hacker breached the datacentre perimeter, they were able to move from application to application to gain access to all resources on the network.

In 2016, private datacentres will reflect public cloud security realities and secure internal network traffic as well. Encrypted layers of security within a datacentre or public cloud network will help organisations control access and encryption to limit malicious east-west movement.

This 'application segmentation' at the application layer will add security within the network to strengthen existing datacentre hardware and virtualisation layer security.

Enterprise application owners will realise the value of true virtual networks in concept and in practice. No more will network operators believe a VLAN is actually virtual!

The limitations of physical network architectures will be magnified once enterprises see the difference between an underlay for bulk transport and an overlay for application-specific use-case tuning. The glaring security holes in physical networks, once obfuscated, will reveal themselves.

The collision between the cloud way and the physical datacentre way will be violent. The concept of an on-premise datacentre will change in 2016 both in how it will be built and how it will be consumed. Those with groups already working in the cloud will easily transition to a more flexible and efficient environment. It may be called private cloud or software-defined datacentre, but the name won't matter.

The question for 2017 is 'when will the traditional physical datacentre way become extinct?'

Patrick Kerpan at RightScale