DATA EXPOSURE RISKS IN HYBRID VS. MULTI-CLOUD MIGRATIONS: A COMPARATIVE ANALYSIS

Abstract

Hybrid and multi-cloud have increasingly emerged as a dominant trend of adopting better flexibility, scalability and control for data among organizations. A hybrid cloud is a combination of on-premise hardware or software with the more flexible and open public and/or private clouds, covering a range of options for workloads based on data sensitivity, regulatory constraints, and case of operation. While multi-cloud architectures split resources among multiple Providers, multi-cloud in turn restricts businesses from vendor lock-in, offering flexible services to different workloads. Nevertheless, all methodologies present a different level of data exposure which may compromise the integrity, privacy, and security of data.

This research takes a look at the challenges associated with migrating into hybrid and later multi-cloud, comparing the self-evident risks to data exposure that arise from each approach. Data transfer between on-premises and cloud environments is a common problem for hybrid cloud models, which combined with misconfigurations and uneven access policies, increases the risk of breaches. On the other hand, security policy management for multi-cloud setups becomes too cumbersome to handle on a single environment and often lead to security gaps and more compliance issues. Risking these factors are very important as firms shape migration to the cloud strategies. In this paper, we are interested in understanding the best security practices and mitigation approaches so that we can provide practical insights to companies looking at how to protect sensitive data and how to make an educated choice on a cloud migration strategy.