#Cloud
#Cybersecurity
19/04/2022
Today, customer needs are changing and evolving with the emergence of new technologies and service models. From a private cloud setup, they may want to transition to a public cloud or once again establish their IT infrastructure in-house. It also happens that they choose a combination of the proposed solutions to maximize their activities and support their growth. Rcarré offers all these options, either individually or in combination.
The concept of digital transhumance perfectly describes this phenomenon, through the digital journey that a company can initiate among various service models.
In response to this phenomenon, our vision is both strategic and technological, shared between two service models: private cloud and public cloud.
The public cloud is a model in which solution providers (mainly the GAFAM companies) make IT infrastructure and associated services available. The public cloud is a triangular model: the providers who make the infrastructure available, service companies like Rcarré that manage this infrastructure, and the end customer who consumes the resources made available according to their needs.
The private cloud is a model where the service provider makes its own infrastructure available, hosted in data centers in Luxembourg. This infrastructure is therefore purchased, managed, and operated by the provider itself. The provider also manages all service layers in order to provide a comprehensive and fully managed service.
Hybridization is a clear advantage in this concept of transhumance. Depending on the needs of each company, the customer will deploy their applications in the best location based on their requirements: in the public cloud, in the private cloud, or in a SaaS solution, all while maintaining complete coherence in the company’s solutions.
Firstly, it is appropriate to remind that these two service models (private and public cloud) are not in opposition. The service strategy in place is identical, allowing us to provide a consistent solution to our customers, always maintaining a high-quality standard.
However, the models will exhibit differences in:
The public cloud offers three service levels:
The private cloud provides two types of platforms :
In the private cloud, clients are part of a shared infrastructure with existing services and technologies in place (e.g., dual firewall, anti-virus scanning, web filtering, 24/7 standby service, detection, and blocking of malicious behavior). Penetration tests are conducted annually on our private cloud. Other services can be shared, such as Active Directory, Netscaler, reverse proxies, etc.
Regarding the public cloud, Microsoft 365 is already a shared service, and server clusters are provided to enable services like Exchange Online. For Azure, mutualization is not possible since each client has their own infrastructure. However, at the managed services level, management consoles can be shared, especially with Azure Lighthouse, which enables customer support.
There are two types of costs for the public cloud :
For the private cloud, costs are defined at the time of the offer, with no additional usage costs. Furthermore, private cloud clients benefit from additional technologies (e.g., malicious behavior detection and blocking) at no extra cost due to infrastructure mutualization.
On our private cloud, support is entirely provided by our local teams, whether for user or infrastructure issues, without third-party involvement, ensuring a quicker response in case of problems.
Regarding our public cloud solution, there are two types of support:
The Azure solution in the public cloud includes the following managed services :
Services included in the private cloud are 100% provided by a local team and include :
In the private cloud, data is backed up daily and retained for one week, followed by a weekly backup that is kept for eight weeks, providing two months of backup coverage. Backups can be extended as needed or stored on secure external media. In the public cloud, backup retention aligns with that of the private cloud. Azure backups are georedundant, meaning they are sent to a secondary site at a distance of at least 1500 km.
Our private cloud solution is redundant due to its presence in two Tier IV data centers in Luxembourg. The network is split between these two data centers, connected by dark fibers following different paths to ensure redundancy. Internet connectivity is provided by different providers for each data center, but with IP addresses that we own. All of this allows for a quick response in the event of an incident to bring up infrastructure in either data center without changing addressing or configuration.
“Site recovery” is a possible option in the public cloud to ensure disaster recovery to another data center. As for resilience, there are three possibilities in Azure:
In the public cloud, we benefit from numerous services offered by Microsoft that allow for rapid deployment of images with the latest updates. There are also “Infrastructure as Code” services like Terraform or Azure by Step that enable writing code to define infrastructure more quickly and securely (avoiding human errors).
On the other hand, automation in the private cloud is not as advanced as in the public cloud. We leverage possible automations from the public cloud to implement as many as possible in the private cloud.
As emphasized by the Luxembourg regulator, in both cases, it involves IT outsourcing. In this regard, the company must conduct a comprehensive analysis of this outsourcing before opting for either solution. The documentation required is substantial for both solutions. Naturally, information security is a critical consideration.
Managing outsourcing is crucial, and therefore, the cloud officer is responsible for proper management of automation, billing, and oversight of activities at the cloud provider. This cloud officer role comes with strict requirements in terms of product knowledge, which is why it is often outsourced.
Notification to the regulator must be submitted before migrating to the cloud because approval will require some time. However, turning to Rcube will greatly facilitate the company’s efforts, because we’re already advertised near the regulator.
In summary, compliance and the cloud:
In conclusion, it is evident that there is no one solution better than the other! The suitable solution is found through studying the client’s needs and constraints, and perhaps increasingly involves the allocation of resources between private cloud, public cloud, on-premises infrastructure, and SaaS applications – in other words, IT hybridization.
Interested by a new model ?
Revew the webinar (FR)