Applications

Three Ways Federal Agencies Can Manage and Secure Their Hybrid Data Centers

June 23, 2020

Three Ways Federal Agencies Can Manage and Secure Their Hybrid Data Centers

As hybrid environments become more popular, federal IT teams are faced with managing and securing their on-premises and cloud infrastructures, while minimizing costs—and there’s no single tool or approach that can solve all these problems.

With this in mind, let’s look at three ways federal agencies can address these challenges by adopting new mindsets, tools, and best practices.

  1. Shift Skills and Mindsets From On-Premises to Cloud Thinking

The skills involved in managing a physical data center are different than those needed to manage hybrid cloud environments. The cloud draws on a vast array of capabilities, such as virtualization and containerization. At the same time, these bring a hidden challenge—a cloud security skills gap.

According to CSO Online, nearly a third of organizations have identified a challenge in locating individuals capable of managing converged infrastructures. Things get even more problematic when staff try to manage their cloud infrastructures as an extension of their private data centers. Use of a hosted provider is great for efficiency and agility, but it can play havoc with an IT administrator’s ability to visualize and control everything going on with their applications and data. This can create security blind spots—something no government IT professional wants.

Then, there’s the shared security model, which can be confusing. The cloud provider is responsible for security of the cloud; the agency is responsible for securing applications and data in the cloud. Any misunderstanding about where this line of separation falls could create gaps in the organization’s security posture.

To build the right understanding and knowledge there must be a concerted effort by IT and agency leaders to find ways to bridge the divide between traditional IT and the cloud monitoring data. Additional education is required, agencies must train individuals in the area of cloud security and performance or supplement them with outside resources.

  1. Choose the Right Tools

While tools and technology in and of themselves will not solve these challenges, the right solutions can support agencies’ security efforts. But, managing applications on different infrastructures requires a new approach to tooling.

Traditional security and IT management tools are either designed for the cloud or on-premises infrastructures, not both. But administrators need a single pane of glass with an unfettered view across their hybrid and multi-cloud environments. Through this view, they can gain a complete picture into the overall health, performance, and security of their network, database, systems, and applications, so they can quickly and easily identify and mitigate risk.

  1. Harmonize Access Control

Compliance requirements and other mandates require detailed user access monitoring, particularly for users who have access to critical and sensitive data. But access control and management must harmonize, so they can manage and audit access rights across the entire infrastructure—both cloud and on-premises.

Hybrid Cloud Management and Security: More Than a “Lift and Shift” Approach

The challenge for agencies is to balance the elasticity, scalability, and nimbleness of the cloud without introducing overbearing levels of security and monitoring, or overburdening IT teams.

Agencies should approach their hybrid data center strategy in a way that leverages their resources wisely—sharpening the skills to avoid exposing their cloud environment to risk and adopting new tools designed for the complexities of hybrid environments.

Find the full article on Homeland Security Today.


Jim Hansen is the vice president of products, application management, at SolarWinds, bringing over 20 years of experience building and delivering simple and easy-to-use software solutions. Jim is passionate about customers, understanding their needs, and delivering solutions that make their jobs easier and their infrastructures easier to manage and secure. He joined SolarWinds in August 2018 to help build the security portfolio, and has since been focused on growing the application management business—designed to help IT professionals and developers manage and monitor the health and performance of their application infrastructures.