
Nov 13, 2023

Cloud Repatriation Changes Little in Terms of Cybersecurity


Public cloud adoption by way of hyperscalers has remained the trend throughout 2023. It is likely to continue to be a hot commodity into 2024 and beyond. But in recent years, there has been a growing movement to repatriate some cloud environments when doing so makes sense. As with everything else in the cloud, repatriation changes very little in terms of cybersecurity. Private, locally hosted clouds are just as inviting to threat actors as their public counterparts.

Bringing Data Home

Hyperscalers have done very well for themselves by offering tools, resources, and technology assistance enterprises cannot get anywhere else. Having the resources of an entity like AWS in your back pocket is certainly attractive. But a number of things are causing organizations to rethink the hyperscale model. Data protection and location concerns are at the top of the list.

When jurisdictions enact new data protection regulations, enterprises need to think long and hard about where their data is stored. They must consider the servers on which their workloads are located and how those workloads will be brought into compliance with new regulations. Sometimes, the best thing to do is bring data back home.

Why Enterprises Repatriate

Repatriation is more or less the practice of removing workloads and data from a public cloud and relocating them to a private cloud, usually located on the organization’s physical premises. The chief reason for doing so is compliance. Data protection regulations controlling where data is stored sometimes give organizations little choice.

Other reasons for repatriation include:

  • Better Security – Repatriation can help organizations improve their security strategies. Bringing data and workloads home gives the security team more control at the local level. It also takes unnecessary individuals and entities out of the security equation.
  • Better Performance – There are times when public cloud environments cannot meet an organization’s requirements for maximum performance. Repatriation is the best way to bring performance up to spec.
  • Cost Savings – It is no secret that public clouds can be expensive. Furthermore, their costs can be unpredictable. Repatriating can save money in the short term and help enterprises better manage their costs over the long term.

There are valid reasons to repatriate workloads and data. But organizations must be just as diligent about cybersecurity. Our position here at Hillstone Networks is that repatriation requires an added level of diligence because enterprises no longer have the assistance of their hyperscale providers.

The Same Tools Apply

All the same cybersecurity tools an enterprise would rely on in a public cloud apply to private clouds. What does Hillstone Networks recommend? For starters, firewalls are never negotiable. They are the foundation of cybersecurity in the cloud environment. In addition to firewalls, we also recommend:

  • Zero Trust – Zero trust network access (ZTNA) assumes that every user on a network could be a threat. Access to data and workloads is controlled through permissions. Furthermore, users must identify themselves to gain access.
  • Micro-segmentation – Micro-segmentation divides the data and workloads in a private cloud into small segments that can be isolated from one another. Each segment is governed by its own security policies.
  • Detection & Response – We recommend both network detection and response (NDR) and extended detection and response (XDR) solutions to better guard against threats that do make it through the firewall.

If your organization is considering cloud repatriation with the goal of maintaining a fully private cloud or a hybrid solution, do not cut corners on cybersecurity. Repatriation changes little in terms of the security threats you face or the best means of handling those threats. Remain diligent.