By, Monier Jalal, Head of Cloud Product Marketing
It is no surprise that cloud adoption drives multiple business benefits, including decreased time to market, increased security, and business growth. However, modern cloud deployments are tremendously complex and typically span multiple clouds. In fact, a recent survey indicates that 93% of enterprises have a multi-cloud strategy.
While public cloud providers dedicate extensive efforts to security, customers retain responsibility for how they use those services, including the data that is stored in them, and how it is shared and accessed. There are many different ways to protect your data and applications in the cloud, and organizations are struggling to keep up. To this point, Gartner research has found that, through 2025, at least 99 percent of cloud security failures will be the customer s fault.
For securing these multi-cloud deployments, organizations need to take a holistic view on security and understand the unique connection points in the cloud. They must secure access at each point, manage identities, and constantly audit and govern accounts, just to name a few, as they cannot copy the native security protocols from one provider and paste it to the other.
Complicating things further, there is great difficulty obtaining visibility, and the lack of end-to-end context around risk further inhibits abilities to secure the cloud. With increasing sprawl of workloads across multiple public and private clouds, getting control of it all grows ever more difficult. These challenges exacerbated by the security gaps inevitable with disparate solutions.
How to secure multi-cloud deployments?
With cloud sprawl across multiple cloud providers, it is difficult for organizations to grasp a strategic way to secure deployments. Key strategies for unifying cloud security for cloud native deployment strategies include:
1. High Fidelity Security Posture Management
While cloud service providers expand their service offerings, organizations are adding more workloads into the cloud, and must maintain control and governance, and gain observability across the cloud environment. The ability to understand the interactions and connection points is imperative to ensure governance standards are upheld and more readily identify and prevent threats to your cloud. Look for tools that provides enriched vulnerability management findings across cloud providers and addition third party services to better identify, prioritize, and auto-remediate events based on public exposure—minimizing security and compliance risks.
2. Security Automation
Application developers are encouraged to move very fast. While some degree of mistakes are acceptable for developers as they will be resolved as part of continuous iteration and release cycles, security teams are faced with the pressure to always be right. Organizations must figure out how to work with developers and the DevOps automation culture in order to still deliver secure, continuous release cycles – and quickly; security automation, everywhere is key. Organizations must identify solutions that allow organizations to shift security left into CI/CD following the same automated path and self-publish, at development speeds. They also must include security and compliance posture rule checks, and automate threat prevent rule protocols to protect the workload in runtime, at scale.
It is important to understand how resources should behave so you can observe when that behavior deviates. This requires a complete picture of your environment and context around all your cloud log and event data, so you know what to expect, and can more effectively detect and visualize threats. Visibility is also vital in order to map to regulatory requirements and achieve compliance with laws and relevant industry standards. This is often difficult to achieve with the ever-expanding cloud sprawl.
Visibility also requires context to be useful. Viewed without context, cloud ephemeral events can be hard to piece together – especially when there is a lot of data to look at. Look for tools that are able to pull together information from multiple sources and apply context to what is happening across your cloud. Centralized, consolidated dashboards are one component, but they need to also provide insights and intelligence on how to remediate issues.
While organizations are benefiting from use of the cloud, gaps in security, errors, and misconfigurations are prevalent. Disparate solutions bring security gaps. Over the next few weeks, we will dive into the areas of High Fidelity Posture Management, Shift-Left Security Automation, and Visibility and outline strategies organizations can adopt to centralize cloud native security across their multi-cloud environments.
In the meantime, please read a helpful new guidebook, “Re-Imagine Cloud Security” as it uncovers several challenges facing practitioners and strategies they are using to optimize their cloud security.