Hybrid Cloud Infrastructure Security : Security Automation Approaches for Hybrid IT

Abstract

Security is the single most consequential public cloud adoption barrier for enterprise. The need to extend on-premises IT infrastructure to public clouds poses great security challenges. Solution architecting to the said challenges is critical both technically and business risk wise. Implementing infrastructure security in hybrid IT with a shared responsibility security model requires architecting with ever evolving technologies. The challenge lays in defining security principles to guide the security architecture, which can be operated across two or more clouds with different security approaches.

This thesis researched security approaches to architecting hybrid cloud security, by evaluating security implementations and coming up with recommendations on security posturing. An analytical approach to architecting hybrid security was used. The resulting security recommendations can be as a reference guide when implementing and managing hybrid infrastructure security. In the final analysis, the role of identities and access management is advanced as a step towards orchestrating and managing security by code within the context of infrastructure as code for securing hybrid cloud infrastructure. The methodology includes describing a security approach for orchestrating, automating and managing hybrid security. The study hypothesis is that security technologies are only as good as the architectural principles and approach upon which they are built and applied.