This is the 47th article in the award-winning “Real Words or Buzzwords?” series about how real words become empty words and stifle technology progress.
By Ray Bernard, PSP, CHS-III
The definition of hybrid cloud has evolved, and it’s important to understand the implications for physical security system deployments.
★ ★ ★ GET NOTIFIED! ★ ★ ★
SIGN UP to be notified by email the day a new Real Words or Buzzwords? article is posted!
Real Words or Buzzwords?
The Award-Winning Article Series
#1 Proof of the buzzword that killed tech advances in the security industry—but not other industries.
#2 Next Generation (NextGen): A sure way to tell hype from reality.
#3 Customer Centric: Why all security industry companies aren't customer centric.
#4 Best of Breed: What it should mean to companies and their customers.
#5 Open: An openness scale to rate platforms and systems
#6 Network-friendly: It's much more than network connectivity.
#7 Mobile first: Not what it sounds like.
#8 Enterprise Class (Part One): To qualify as Enterprise Class system today is world's beyond what it was yesterday.
#9 Enterprise Class (Part Two): Enterprise Class must be more than just a top-level label.
#10 Enterprise Class (Part Three): Enterprise Class must be 21st century technology.
#11 Intuitive: It’s about time that we had a real-world testable definition for “intuitive”.
#12 State of the Art: A perspective for right-setting our own thinking about technologies.
#13 True Cloud (Part One): Fully evaluating cloud product offerings.
#14 True Cloud (Part Two): Examining the characteristics of 'native-cloud' applications.
#15 True Cloud (Part Three): Due diligence in testing cloud systems.
#16 IP-based, IP-enabled, IP-capable, or IP-connectable?: A perspective for right-setting our own thinking about technologies.
#17 Five Nines: Many people equate high availability with good user experience, yet many more factors are critically important.
#18 Robust: Words like “robust” must be followed by design specifics to be meaningful.
#19 Serverless Computing – Part 1: Why "serverless computing" is critical for some cloud offerings.
#20 Serverless Computing – Part 2: Why full virtualization is the future of cloud computing.
#21 Situational Awareness – Part 1: What products provide situational awareness?
#22 Situational Awareness – Part 2: Why system designs are incomplete without situational awareness?
#23 Situational Awareness – Part 3: How mobile devices change the situational awareness landscape?
#24 Situational Awareness – Part 4: Why situational awareness is a must for security system maintenance and acceptable uptime.
#25 Situational Awareness – Part 5: We are now entering the era of smart buildings and facilities. We must design integrated security systems that are much smarter than those we have designed in the past.
#26 Situational Awareness – Part 6: Developing modern day situational awareness solutions requires moving beyond 20th century thinking.
#27 Situational Awareness – Part 7: Modern day incident response deserves the help that modern technology can provide but doesn’t yet. Filling this void is one of the great security industry opportunities of our time.
#28 Unicity: Security solutions providers can spur innovation by envisioning how the Unicity concept can extend and strengthen physical access into real-time presence management.
#29 The API Economy: Why The API Economy will have a significant impact on the physical security industry moving forward.
#31 The Built Environment: In the 21st century, “the built environment” means so much more than it did just two decades ago.
#32 Hyper-Converged Infrastructure: Hyper-Converged Infrastructure has been a hot phrase in IT for several years, but do its promises hold true for the physical security industry?
#33 Software-Defined: Cloud-computing technology, with its many software-defined elements, is bringing self-scaling real-time performance capabilities to physical security system technology.
#34 High-Performance: How the right use of "high-performance" can accelerate the adoption of truly high-performing emerging technologies.
#35 Erasure Coding: Why RAID drive arrays don’t work anymore for video storage, and why Erasure Coding does.
#36 Presence Control: Anyone responsible for access control management or smart building experience must understand and apply presence control.
#37 Internet+: The Internet has evolved into much more than the information superhighway it was originally conceived to be.
#38 Digital Twin: Though few in physical security are familiar with the concept, it holds enormous potential for the industry.
#39 Fog Computing: Though commonly misunderstood, the concept of fog computing has become critically important to physical security systems.
#40 Scale - Part 1: Although many security-industry thought leaders have advocated that we should be “learning from IT,” there is still insufficient emphasis on learning about IT practices, especially for large-scale deployments.
#41 Scale - Part 2: Why the industry has yet to fully grasp what the ‘Internet of Things’ means for scaling physical security devices and systems.
#42 Cyberspace - Part 1: Thought to be an outdated term by some, understanding ‘Cyberspace’ and how it differs from ‘Cyber’ is paramount for security practitioners.
#43 Cyber-Physical Systems - Part 1: We must understand what it means that electronic physical security systems are cyber-physical systems.
#44 Cyberspace - Part 2: Thought to be an outdated term by some, understanding ‘Cyberspace’ and how it differs from ‘Cyber’ is paramount for security practitioners.
#45 Artificial Intelligence, Machine Learning and Deep Learning: Examining the differences in these technologies and their respective benefits for the security industry.
#46 VDI – Virtual Desktop Infrastructure: At first glance, VDI doesn’t seem to have much application to a SOC deployment. But a closer look reveals why it is actually of critical importance.
#47 Hybrid Cloud: The definition of hybrid cloud has evolved, and it’s important to understand the implications for physical security system deployments.
#48 LegacyHow you define ‘legacy technology’ may determine whether you get to update or replace critical systems.
#49 H.264 - Part 1Examining the terms involved in camera stream configuration settings and why they are important.
#50 H.264 - Part 2A look at the different H.264 video frame types and how they relate to intended uses of video.
More to come about every other week.
The thing with many terms, including hybrid cloud, is that they are initially defined by vendors, not by end users. The vendor that first coins a term defines it in a way that benefits that vendor and aligns with its products. Then other vendors come along and apply the term to their products, which have similar characteristics but aren’t identical to – and sometimes are only partly similar to –the products the term was originally invented for. This lets them leverage the buzz around the original term – but it also creates significant confusion and misunderstandings for end users and other technology stakeholders for whom the term has effectively become meaningless.
Definition of Hybrid Cloud
So, I searched SecurityInfoWatch.com and found more than 50 articles with key mentions of hybrid cloud, including an article by security industry veteran Steve Surfaro, which he wrote in 2010. Steve is the first security industry person who mentioned hybrid cloud to me, way back then.
In that article Steve defined hybrid cloud: “A hybrid cloud is a combination of a public and private cloud that interoperates. In this model users typically outsource non-business- critical information and processing to the public cloud, while keeping business-critical services and data in their control.”
That’s how hybrid cloud began. A year later, NIST provided this definition in Special Publication 800-145, The NIST Definition of Cloud Computing: “The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).” What’s important to note about that definition is NIST’s statements that private and community clouds “may exist on or off premises.”
Whatis.com defines hybrid cloud this way: “Hybrid cloud is a cloud computing environment that uses a mix of on-premises, private cloud and third-party, public cloud services with orchestration between the two platforms.” It is the “orchestration” part of this definition that is significant. In a multi-cloud platform, orchestration provides end-to-end automation and coordination of multiple processes. This orchestration aspect has special significance for security industry hybrid-cloud deployments, as we’ll touch on later in this article.
Hybrid Cloud Evolves
In the years following, many organizations found that in addition to linking on-premises cloud systems with off-premises cloud systems, there were benefits to linking on-premises non-cloud systems with off-premises cloud systems. Well, that completely changes the landscape of hybrid-cloud. This evolution led Forrester Research Principal Analyst Dave Bartoletti to provide a new working definition of hybrid cloud: “One or more public clouds connected to something in my data center. That thing could be a private cloud, that thing could just be traditional data center infrastructure.” And, according to physical security industry vendors, hybrid cloud also includes computing infrastructure that resides on-premises but outside the data center. All of these definitions are valid because it’s how cloud technology is actually being used.
What’s So Special About Hybrid Cloud?
Isn’t it simply another form of integration to connect a legacy on-premises system to a cloud service? My opinion is: Yes. And if the data connection aspect is all there is to the deployment, I wouldn’t really call it hybrid cloud. It’s simply cloud integration. That doesn’t change the architecture of the on-premises systems.
Emerging new technology and evolving current-day technology have begun to take advantage of the cloud side of hybrid cloud in ways that are very significant. For example, the decades old client-server on-premises architecture found in most deployed security systems has significant disadvantages – including cybersecurity weak points – that a current-technology hybrid cloud architecture can eliminate.
In a real hybrid cloud system, many aspects of infrastructure management are performed automatically by the cloud side of the deployment. This includes, but definitely is not limited to, automatic feature and security updates for on-premises servers, appliances and devices – including operating system software, application software, and device firmware. This capability means that for the first time, on-premises security systems can maintain their best cybersecurity profile automatically, without special action being required on the part of the end-user customer or the security system service provider.
In the near future we’ll see video analysis platforms that automatically divide the video analysis workload between on-premises components and cloud-system components, based on the size of the workload, the real-time requirements of the data being extracted, and real-time bandwidth capacities. Today, Eagle Eye Networks manages video data transfer to the cloud to maintain specified levels of cloud-connection network bandwidth usage, and monitors camera LAN bandwidth use as well. It also automatically updates the software on the Eagle Eye on-premises appliances.
Note that the cloud-management capability extends across multiple on-premises deployments. Besides providing central management of on-premises systems across multiple sites, the ability to update on-premises system servers, appliances and devices is a significant future-proofing factor.
Please note that there are many excellent hybrid cloud capabilities by vendors that space doesn’t permit mentioning here. Vendors with such capabilities should write to me about them via LinkedIn or here and I’ll publish a follow-up article describing those capabilities.
About the Author:
Ray Bernard, PSP CHS-III, is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities (www.go-rbcs.com). In 2018 IFSEC Global listed Ray as #12 in the world’s top 30 Security Thought Leaders. He is the author of the Elsevier book Security Technology Convergence Insights available on Amazon. Mr. Bernard is a Subject Matter Expert Faculty of the Security Executive Council (SEC) and an active member of the ASIS International member councils for Physical Security and IT Security. Follow Ray on Twitter: @RayBernardRBCS.