It’s the Year of Application Layer Security in Public Clouds

The cloud continues to be a significant force in enterprise computing and technology adoption. Enterprises that have adopted cloud have slashed capital expenses, increased agility, centralized information management, and scaled their businesses quickly.

The 2015 RightScale State of the Cloud Survey estimates that 93% of respondents are adopting cloud – 88% are using public cloud, 63% using private cloud, and 58% using both.


With resources spread across providers, regions, and technologies in this hyper-connected environment, most enterprises will likely never commit completely to one cloud model, provider, or technology.

No IT pro is rushing to re-architect systems and applications to match a single cloud vendor. Furthermore, no enterprise IT team will risk their careers by committing to a single infrastructure vendor.  In fact, enterprises cannot forsake existing data centers to move entirely to cloud-based everything.  But, the concept of an on-premise data center is changing. Most enterprises are transforming legacy data centers into true private cloud environments.  

Every enterprise is already hybrid

The hybrid cloud is the most logical sounding answer for the quandaries of the capital expense of existing hardware, the need for cloud agility, the fear of vendor lock-in, and the market mandates set when competitors publicly commit to cloud.

Other than a few all-cloud startups and all-hardware laggards, the majority of enterprises are already “hybrid”. But the definition of the term “hybrid” continues to be hotly debated in cloud computing.

Hybrid can mean a blend of on-premise and in-cloud computing, a mix of private cloud and public cloud, or a network spread across regions or data centers. “Hybrid” can even mean a shared space between partners, customers, and departments.

In the future, none of that “hybrid” will matter

A huge shift in cloud computing will finally come when end applications – from accounting software to website servers – just work. No one will care about the underlying hardware, middleware or even the device connecting to the applications.  

“Hybrid Cloud” will mean cloud computing resources are interoperable with all technologies, hardware, providers, and geographies.  Developers of the world will be free to build applications without any thought to the underlying architecture.  

Security focus shifts from the data center to just the data

As data platforms modernize, security will evolve as well. No longer will organizations just build massive walls around a corporate data center to keep out all potential attackers.

Once hardware and software are virtualized, they become part of the fabric of shared resources connected to the public internet. Private cloud owners will see the value of public cloud security procedures and can avoid repeating security missteps.

Will this year be the year for data centers to adopt additional security that boosts existing network and physical security infrastructure?

Previously, internal data and systems were completely vulnerable to malicious “east-west” traffic. If a hacker breached the data center perimeter, they were able to move from application to application to gain access to all resources on the network.

In the future, private data centers will reflect public cloud security realities and secure internal network traffic as well. Encrypted layers of security within a data center or public cloud network will help organizations control access and encryption to limit malicious east/west movement.

This “application segmentation” at the application layer will add security within the network to strengthen existing data center hardware and virtualization layer security.
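The contrast drawn above between a flat internal network and application segmentation, as an added example that is not from the original post: it models east-west reachability as a graph and reports which sensitive applications each compromised application would expose under either policy. The application names, the sensitive set, and the allowed flows are constructed for illustration.

```python
from collections import deque

# Constructed sample: application names and flows are illustrative only.
APPS = ["web", "api", "billing", "hr-db", "orders-db"]
SENSITIVE = {"hr-db", "orders-db"}

# Application segmentation: only these app-to-app flows are permitted.
ALLOWED_FLOWS = {("web", "api"), ("api", "orders-db"), ("billing", "orders-db")}


def flat_policy(src, dst):
    """Perimeter-only model: inside the wall, every app can reach every other."""
    return src != dst


def segmented_policy(src, dst):
    """Default deny between applications, with an explicit allowlist."""
    return (src, dst) in ALLOWED_FLOWS


def reachable_from(start, policy, apps=APPS):
    """Apps reachable from a compromised app by chaining permitted flows (BFS)."""
    seen, queue = {start}, deque([start])
    while queue:
        current = queue.popleft()
        for candidate in apps:
            if candidate not in seen and policy(current, candidate):
                seen.add(candidate)
                queue.append(candidate)
    return seen - {start}


def exposure_report(policy, sensitive=SENSITIVE, apps=APPS):
    """For each app, the sensitive apps an intruder could reach from it.

    Transitive paths count: web -> api -> orders-db exposes orders-db to a
    web compromise even though no direct web -> orders-db flow is allowed.
    """
    return {app: reachable_from(app, policy, apps) & sensitive for app in apps}


if __name__ == "__main__":
    for name, policy in (("flat", flat_policy), ("segmented", segmented_policy)):
        print(name)
        for app, exposed in exposure_report(policy).items():
            print(f"  {app:10s} -> {sorted(exposed)}")
```

Under the segmented policy, hr-db drops out of every other application's exposure, while orders-db stays reachable from web through api, which is why an allowlist should be reviewed for transitive paths and not only direct flows.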

Enterprise application owners will realize the value of true virtual networks in concept and in practice. No more will network operators believe a VLAN is actually virtual!

The limitations of physical network architectures will be magnified once enterprises see the difference between an underlay for bulk transport and an overlay for application-specific use-case tuning. The glaring security holes in physical networks, once obfuscated, will reveal themselves.

The collision between the cloud way and the physical data center way will be violent. The concept of an on-premise data center will change in 2016 both in how it will be built and how it will be consumed. Those with groups already working in the cloud will easily transition to a more flexible and efficient environment. It may be called private cloud or software-defined data center, but the name won’t matter.

The question for 2017 is “when will the traditional physical data center way become extinct?”

By: Margaret Valtierra