3 challenges to data privacy
in a hybrid IT world

Avoid risking your data entering the cloud unprepared or missing out on its benefits altogether because of an over-zealous security team.


Few options exist to protect data in both on-premise and cloud applications. Securing data has meant doubling efforts: one set of policies for on-premise application data and another for the cloud.

ESG Research's 2013 IT Spending Intentions Survey suggests that cloud computing will be a popular investment for many companies this year. Half of the companies surveyed reported that they also plan to increase spending in information security1.

That these two areas should receive budget boosts in tandem is no surprise. "In our research, 63 percent of organizations said that [security] is their largest concern about moving to the cloud," writes Ventana Research analyst Mark Smith2. In fact, "38 percent of organizations said cloud computing is risky enough that they do not use it or limit it significantly," he adds.

The perfect storm

Protecting application data in the cloud is difficult for three reasons:

  1. The cloud doesn't exist in a vacuum. We have a hybrid world, where data resides in both on-premise and cloud-based applications and frequently travels between the two. The problem? On-premise security policies and controls do not automatically transfer to the cloud, and vice versa.
  2. Cloud application vendors may not prioritize security features. "Customers just aren't willing to pay extra for it," explains Kristin Kokie, vice president of IT, Enterprise Strategic Services, at Informatica. "Security functionality in the cloud is difficult to accomplish, so without a meaningful return, some vendors just forego it."
  3. Technology Innovation has been lacking. Few options exist to protect data in both on-premise and cloud applications. Securing data has meant doubling efforts: one set of policies for on-premise application data and another for the cloud.

A sea change

"In order to effectively take advantage of what cloud architectures have to offer, application security teams need to be comfortable that they can deploy a security policy and have it follow the data-no matter where it resides," says Julie Lockner, vice president, Product Marketing, at Informatica.

The new virtual data machine (VDM) from Informatica, called Vibe, has a simple mission: To integrate and protect data regardless of its platform. This provides benefits from two perspectives:

  1. Data security in the cloud. Development teams can define one security policy and deploy it anywhere to protect data as it moves between cloud apps or between on-premise apps and the cloud.
  2. Data security from the cloud. IT organizations can now establish, enforce, and monitor security policies from a virtual machine that is itself a cloud application.

"When you centralize data security control, you ensure greater consistency across all application instances," says Informatica's Kokie. "This goes beyond protecting data and meeting compliance regulations-it enhances productivity by giving time back to development teams. And it helps everyone breathe a tremendous sigh of relief."

For more on using Vibe to enable a hybrid IT solution, read this white paper.

Related resources

1ESG Research, "2013 IT Spending Intentions Survey," January 2013.
2Smith, Mark, "Informatica Has New Vibe for Information Optimization," June 14, 2013.

Related content



Humana relies on Informatica Data Integration hub to personalize member plans and programs for increased customer engagement.


Security study finds 'depressing' gap between knowledge and action

IT professionals admit to understanding hidden data risks but are not investing in the automated tools to address them.


Quiz: How secure is your corporate application data?

Think your application data is secure? Find out if commonplace practices have left your corporate data more vulnerable than you think.


Keeping data safe: How to bridge the business/IT communication gap

Lacking an application data security strategy? Use these tips to foster a more balanced, collaborative approach to data security.