October 14, 2021

To Cloud or Not to Cloud? The Case for a Hybrid Infrastructure

The cloud, for better or for worse, has enabled rapid growth technology start-ups to go from a tiny office to a global organization in just a few short years. Suddenly, the cloud introduced a world where you didn’t have to sink all your CapEx into hardware and pay a handful of fairly expensive employees to stand up a network capable of supporting your first few thousand users. During the days of on-prem-only infrastructure, seeing success meant you were inevitably hit with growing pains around scalability. You simply could not go from 1 to 100,000 monthly active users (MAUs) without significant lift from your hardware team.

Today, public cloud providers offer auto-scaling capabilities; your environment automatically adapts with a few clicks and a credit card on file. Now, the only thing you have to be concerned about is your bill at the end of the month. Digital growth used to be hard. It used to require humans in seats for endless hours, manual monitoring, manual threat hunting, and consequently, it used to only be as good as the woman behind the machine.

But, it’s not all good news. In the process of breaking barriers, security best practices were sometimes sacrificed. As with anything in the modern era, democratization and accessibility of new technologies introduces new levels of risk. Well-planned infrastructure that used to be developed by experienced teams with Computer Science degrees largely gave way to remotely spun up infrastructures supported by self-taught developers.

Not that either type of worker is necessarily better or more skilled than the other, but less formalized education means you’re relying on the experiences they sought out themselves rather than a typical textbook skillset. This means it is up to leadership, hiring managers and recruiters to not only ask the right interview questions, but to also set employees up for success in terms processes and procedures to help ensure there are no unrealistic assumptions that can lead to security gaps down the road. It also means that as an industry we need to acknowledge that architecting in the cloud is very different than architecting an on-prem infrastructure.

The thing about public clouds…

  • They are great for scale – you can build fast, deploy fast, and grow fast. However, according to Future from a16z, …”as we see a more complete picture of cloud lifecycle on a company’s economics – it’s becoming evident that while cloud clearly delivers on its promise early on in a company’s journey, the pressure it puts on margins can start to outweigh the benefits, as a company scales and growth slows.”
  • The cloud is just someone else’s computer - It introduces a shared responsibility model, one that requires an organization educate itself and its people around the legal and regulatory requirements, along with the security implications of building in the cloud. In fact, according to Help Net Security, Misconfigured cloud storage services are commonplace in a stunning 93% of the cloud deployments analyzed, and most also have at least one network exposure where a security group is left wide open. These issues will likely increase in both velocity and scale—and they’ve already contributed to more than 200 breaches over the past two years.”
  • Somebody’s coming – you can always lean on your cloud provider if you hit a bump in the road. Their teams are much larger and therefore typically have specialized skillsets and experience in handling most cloud scenarios. They might not always be able to help, but at least you have a number to call and the peace of mind knowing there is someone to pick up the phone at the other end.

The thing about on-prem…

  • You maintain 100% control over your equipment, your data and your physical access 100% of the time. For industries or businesses that take their intellectual property (IP) very seriously or are required by certain laws of regulations, control can be a big reason to stay on-prem.
  • It requires hands-on infrastructure planning - Wire and power management are entire work functions that, if not meticulously managed and maintained, can cause issues and even serious damage to your equipment. The downside of buying your own equipment means that you also need to maintain it, manage it and upgrade it – constantly.
  • Nobody’s coming – meaning, you need to have very smart, trustworthy, committed people on your team because there isn’t anyone to call when someone goes wrong except for your own people.

There are positives and negatives to both the cloud and on-prem approach to building, deploying and scaling the technologies of tomorrow. The most innovative organizations are embracing a hybrid approach – much like the working environments of the post-pandemic era which we hope to near soon. Finding a balance that meets the demands of your team and your customers is the key to seeing maintainable growth and building the best possible foundation for a flexible future.

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.