Security challenges thrown up by the public cloud

In a survey by the 451 Global Digital Infrastructure Alliance in April 2017, it was found that 77 percent of its 1,823 members polled indicated that SaaS and hosted applications were the most widely deployed hosted and cloud services in use, followed by infrastructure services at 58 percent and managed services at 44 percent.

As a result of the adoption of such services, companies are continuously having to upgrade their manpower skills to ensure the security of their applications and data.

Using legacy VPN (virtual private network) solutions to interconnect the cloud to the data center, or interconnecting different public cloud setups, is challenging since legacy VPN solutions were designed for physical data centers built 20 years ago. Typically, companies create a site-to-site VPN between the public cloud setup (AWS, Azure etc.) and the data center. All the users are then backhauled to the data center and routed to the applications in the public cloud.

Such an architecture leads to performance issues and high security risk, besides resulting in a very poor user experience. Interconnecting different public cloud setups or even different regions of the same service provider requires the company to set up site-to-site VPNs along with other security layers, leading to a very complex infrastructure to manage.

The challenge
Instasafe solution

Redesigned architecture required

Providing secure remote access to applications hosted in IaaS Clouds and interconnecting different public clouds (or different regions of the same service provider) requires a completely redesigned architecture that can provide the security overlay, preferably through software-defined secure remote access.

In our architecture, all the applications deployed in IaaS clouds can be kept in private address space inaccessible to the internet. The InstaSafe Secure Access Gateway acts as the gatekeeper for all the applications and provides an encrypted channel for users - located anywhere and using any normal internet connection - to access the applications on a ‘need-to-know’ basis.

Users are authenticated (using certificate, password and OTP) and bound to their devices. The devices themselves can be checked for various compliance requirements and allowed access to the application service only based on the user’s role. This process ensures that applications are available to authorised users with registered / authorised devices based on their job or role.

When companies deploy the same application in different clouds or require applications to exchange data that are located in different clouds or in different regions, Secure Access creates an encrypted private network between the clouds (or regions) with access restricted to specific services only. This helps create your own custom VPC (virtual private cloud) network.

Our central management console - named Core - helps you manage seamlessly the secure remote access on the VPC network and your data center.


Secure Access by InstaSafe enables you to create a secure, encrypted and custom private network with granular access control. The InstaSafe Cloud itself is highly scalable and elastic and allows you to scale at will globally and on-demand. With the security, availability and scalability functionalities of InstaSafe Secure Access, you get the freedom to move your applications to the most appropriate location, with the confidence and speed required by your business.

Start your free trial and discover why InstaSafe is loved by customers.

A free trial of our InstaSafe software gives you access to on-demand virtual private networks with no upfront investment or hardware

Get your free trial
Powered by Think201