Security For Multicloud Environments

More enterprises are using cloud platforms from multiple vendors as as way to distribute workloads, manage resources, and improve their security footprint.

In their research paper, Multicloud Management, 2017, analyst firm IDC presents compelling evidence that more enterprises are embracing a cloud strategy that uses the services of multiple providers. The cloud continues to rapidly rise in popularity, but as enterprises get more comfortable with the cloud, they are applying a more sophisticated and informed mindset to their cloud strategy. By distributing workloads, creating purchasing and contractual leverage, and mitigating risk, a multicloud strategy is increasingly recognized as an astute approach for organizations that want to maximize the benefits of the cloud.

Clearly, the notion of a multicloud approach is rapidly gaining popularity, and for good reason. The IDC report states, “90% of enterprise-scale organizations plan to make use of multiple clouds in the next several years. As cloud environments become more complex, traditional tools and processes used to manage relatively static, tightly coupled IT infrastructure struggle to keep up with scaling, pooling, migrations, and rapid pace of change that are the hallmark of cloud IT operations.” Because the cloud is inherently flexible and connective, it allows for provider variation, and that’s proving to be a smart option, especially for organizations that want to increase their control over security and compliance within their cloud.

From a security standpoint, a multicloud approach helps by distributing that risk and provides a measure of control when attacks occur. Consider what happens when some element of an organization’s cloud is compromised; for organizations that don’t have an incident response process (and surprisingly high number fall into this category), this can result in shutting down operations while parts of the environment are sequestered, snapshot, wiped, and then redeployed.

That scenario requires that operations be frozen while the attack is contained, but it’s at a great cost, both in terms of resource being deployed and opportunity cost due to lost business opportunity. It also essentially negates the benefits of a flexible, dynamic cloud.

In a multicloud environment, however, workloads in non-threatened clouds can continue to function while issues on platforms under attack are resolved. Remember that hackers are specific in what they’re looking for; they exploit openings. Whether because of some knowledge or expertise about that platform or product, their goal is to find a way in based on something that can be easily compromised. In order to mount an attack simultaneously on two platforms being used by the same organization would require an operational and logistical focus that would be incredibly difficult to pull off. And organizations that are monitoring their environments would be able to quickly identify issues on one platform while transitioning some compute and operational activities to another one.

Cloud platforms also operate in terms of their different layers, one of which is the storage layer. This is handled in AWS by S3 buckets and in Microsoft with Azure Storage. We’re seeing so many breaches of S3 buckets because, among other things, that’s where so much valuable data lives which makes them very attractive targets. From a security standpoint, however, it’s smart to store data in multiple places as a way to reduce risk of that valuable data. Additionally, being able to rely on multiple layers of ID and compute access presents levels of complexity that make an environment less attractive to hackers. The ability to quickly deploy redundant applications or use API keys on different platform in order to keep things operating as “business as usual” provide an enterprise with resilience in the face of constant threats.

Many of our customers operate with a multicloud approach, and with our new support for Azure, we give them a single pane of glass view over their entire cloud architecture. Through that glass we provide comprehensive visibility into real-time security risk, provide the corresponding remediation paths to fix issues and bring operations back to a secure state. Evident Security Platform (ESP) aligns with the flexible and dynamic nature of the cloud by supporting organizations that choose a multicloud strategy for their IT and business operations. They seek insight and control within their cloud, and running ESP provides them with that while enabling them to evolve their cloud environment as their needs demand.