Cloud Bursting is the new catch phrase of the time.
Heard it the other day during an analysts briefing about the newest developments in cloud computing. The idea of cloud bursting is for the most part, major enterprises will want to house their own cloud services for day to day operations, but then expand into the public cloud during peaks in demand. They want to burst their internal cloud for an external cloud platform. Thus “cloud bursting”.
Sounds good on paper. An online floral deliver service can run their website on their own in house cloud, adding new sites and services. This internal cloud is preferred from a security point of view in that all user PII and other sensitive information stays in house and under the enterprise’s watchful eye. Now, when Mother’s Day rolls around, the company can “cloud burst”; access on a temporary basis additional websites it will need just for the holiday rush period. They expand their capacity on a temporary basis by creating a hybrid cloud of internal and external services.
Well, that all sounds very impressive and it is logically it makes a ton of sense, both technically and economically. However, the devil is in the details and my view is the success of this concept of cloud bursting is completely dependent on getting the security right. It might look easy on paper to add a few more virtual sites to your hybrid cloud, but if the services requires any PII or other sensitive information, you are now moving that information to an external site and the game just got a lot stickier.
As mentioned elsewhere, data ownership of sensitive information is becoming more and more of an issues. Yes, you can sign contracts with outside cloud vendors to insure security, but most CxO’s I talk to still have it in their DNA that secured information should stay internal.
What this concept of cloud bursting tells me this is an opportunity to get your single sign on (SSO) or federation house in order. A rock solid identity foundation running your current external web sites should be able to remotely add external cloud sites and still manage security (authentication and authorization) on the internal infrastructure. The external cloud sites would be “neutered” versions of the web resources and would use federation or redirection to an SSO identity provider on internal resources for user security. Again, sounds easy on the whiteboard.
So, as you make plans to expand you online presence, now might be the time to invest in building up your external facing security infrastructure and get use to managing multiple instances of your web resources securely. Then, when you have to “burst your cloud”, it won’t be as painful and you can support the business needs of the company easier and at lower cost.
And if you haven’t seen George Clooney in the The Men Who Stare At Goats, you should. Highly recommended and he shows his version of “cloud bursting”.
Sean ONeill's Identity Crisis 