Five Key Challenges in Private Cloud Security

The cloud comes in two flavors—public and private—and the distinction between the two is critically important. Public cloud providers sell resources such as computing cycles and storage bytes on a pay-as-you-go basis. The hardware and software that make up the platform are invisible—your team only sees a black-box abstraction that supports your applications and data. The benefits are substantial: You avoid capital investment and costly refresh cycles and gain virtually unlimited scalability, high reliability, dependable data backup, and business agility.

However, the public cloud also takes away control. Your applications and data share infrastructure with other companies, an uncomfortable arrangement for some companies in securityconscious industries such as healthcare and financial services. In addition, abstracting the platform creates problems for highly regulated industries that require validation whenever the system changes in any way that impacts workflows, data, or business logic—examples include medical devices and pharmaceuticals. For these and other reasons, many companies host their sensitive data and core business applications in private clouds and use public clouds to provide scalability and move services closer to their customers.