Hybrid Cloud Adoption

Hybrid cloud, according to NIST, means:

The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).

However, I feel like the market adopted Muticloud as “more than one public cloud” and hybrid cloud as “private and public cloud combined”. This Red Hat video makes a great case about it:

With all that being said, I stumbled upon this article that highlights how Hybrid Cloud is a trend in Cybersecurity. I totally recommend the read. However, I don’t agree with a key aspect on it and I’m looking for a good discussion around the topic.

I feel like the article revolves around mentioning how a hybrid model can be more secure than public only because allows the organization to handle PII and other sensitive data to be processed locally rather than remotely. I fail to understand how “traditional TI”, or even modern data center based for that matter, can provide better tooling around data protection than the likes of AWS, Azure, or Google, which have their Shared Responsibility Model that alone offloads much of the security responsibility.

Any light here?

OK can’t quite stop laughing at this statement. Have they never worked for a REAL company? Standardization is almost at yeti or unicorn status ESPECIALLY when it comes to cloud. You hear people talk about it all the time but I have rarely ever seen it. Have you ever tried to standardize existing data center infrastructure with your cloud environment? Super, super hard. And if I had a nickel for every customer I’ve talked to that said “well our company standard is XYZ, BUT …” (there is always a BUT).

Might be running off on a tangent here but…
For example, I worked for a major retailor previously. Retail is the perfect use case for cloud bursting right? Every Christmas we needed more compute and DB capacity so bursting is the perfect solution. This is way easier said than done. I could go on and on about our struggles but let’s just say you can’t easily align a vmware box with the same build process, tools, etc and just throw it in a cloud and make it work the same as on-prem. Granted cloud providers are trying to make it easier to use the same tools in both spaces but it’s still a struggle. I think all these people are writing from a world of rose colored glasses or they are “assuming” that all these companies were born in the cloud.

Anyway, yes I do believe that “multi-cloud” means you are using more than 1 public cloud vendor and “hybrid cloud” is private or on-prem AND one or more of the public clouds. I would also disagree that a private cloud is more secure given that governments have gone to trusting public cloud just as much as private, if not more. Both public and private clouds are only as secure as you make them. You can have all your PII data in your data center but if you leave the front door open, then I’d argue that public cloud is safer since we know those facilities don’t just let anyone in.