What You Need to Know About Hybrid Cloud Environments

CIS Hardened Images Bake in Standards, Reduce Vulnerabilities


What does your cloud configuration look like? In many organizations, moving workloads to the cloud creates a more elastic technology infrastructure. Hybrid compute environments are a popular solution. A hybrid cloud computing environment requires orchestration between two types of platforms:

  • On-premises, private cloud: Computing services offered to select users over the Internet or a private internal network
  • Public cloud: Services offered by third-party providers to anyone over the public Internet

Each environment has unique advantages that help organizations stay flexible and secure. CISOs, IT Directors, Solution Architects, and other technology experts are taking notice – a recent survey shows an expected 109% increase in Infrastructure-as-a-Server (IaaS) server adoption in the next 24 months! (Source: ESG Research Survey, Trends in Server Hardening, April 2018.) So, what else do you need to know about this growing trend?

Mixing and moving workloads

Modern infrastructure calls for a multidimensional approach to the cloud. While the private cloud approach offers a higher level of privacy, it often requires the same staffing and maintenance expenses as a traditional data center. Using a public cloud is convenient and scales quickly, but may not offer enough security controls for sensitive organizational data. A hybrid cloud environment takes advantage of both options.

By deploying a hybrid cloud environment, organizations can effectively maintain tighter security controls over sensitive data and processes. They can use their private cloud while enjoying the flexible computing of its public counterpart. It is important to understand the shared security responsibility between organizations and public cloud vendors to defend against cyber threats.

post 3 image 1 CIS

A secure standard

Whether private, public, or hybrid, cloud infrastructure is under attack. Nearly half of recent survey respondents shared that they experienced at least one cybersecurity incident in the last 24 months due to misconfigured technology. (Source: ESG Research Survey, Trends in Server Hardening, April 2018.) To prevent attacks and exploits, organizations should implement secure configurations such as the CIS Benchmarks™. There are more than 140 CIS Benchmarks providing consensus-developed security recommendations covering more than 14 technology groups, including public cloud foundations, servers, and operating systems. They are free to download in PDF format.

 Download CIS Benchmarks

Another challenge facing organizations working in the cloud is meeting compliance. Federal regulations, industry requirements, and internal security policies all drive compliance needs. When implemented, the CIS Benchmarks can help meet security compliance for PCI DSS, NIST, HIPAA, and more. The CIS Benchmarks are also mapped to the CIS Controls®, a set of cybersecurity best practices designed to help organizations develop a stronger defense program.

Hardening the cloud

For mission-critical systems and data residing in the cloud, the need for security is paramount. That’s why many cloud OS and container images are being developed “pre-hardened.” A pre-hardened machine is configured against cybersecurity vulnerabilities such as open ports, privilege escalation, and DDoS. The CIS Hardened Images® are one option that offers conformance to the CIS Benchmarks security standard for a variety of public cloud environments.

post 3 image 2 CIS

CIS Hardened Images help defend public cloud environments from the instant they’re launched. Because they’re pre-hardened, the CIS Benchmarks guidance is baked into the virtual machine. Each CIS Hardened Image comes with an assessment report displaying each security recommendation implemented, as well as any which could not be applied due to cloud restrictions. In 2019, CIS Hardened Images helped protect over 300 million compute hours in the cloud. Launch one today via AWS Marketplace, Microsoft Azure Marketplace, Google Cloud Platform Marketplace, or Oracle Cloud Marketplace.

View CIS Hardened Images


Copyright © 2020 IDG Communications, Inc.