Organizations embrace multiple cloud platforms for a variety of reasons, such as to increase efficiency and distribute compute resources. According to the 2021 Flexera State of the Cloud report, 92% of enterprises have a multi-cloud strategy and 80% have a hybrid cloud strategy. But these same organizations also often experience increased management complexity that can impact security and increase risk. Distributing numerous applications across multiple points of deployment, including dispersed data centers, hybrid clouds, and multi-clouds, expands the attack surface, while at the same time, visibility across those distributed environments continues to narrow.
One reason for this is that the built-in security tools that come with each cloud platform are unique to that platform, meaning they do not easily interoperate with similar solutions running on other platforms. That makes it harder to manage risk consistently across all clouds in a multi-cloud world. The lack of cohesion between different security deployments often results in a lack of centralized visibility into critical service configurations, activities, network traffic, security events, and data hygiene. And this challenge will only be compounded as a business adopts additional public cloud platforms.
This lack of consistent visibility and fragmented control renders security operations time-consuming and ineffective. And as the threat environment expands, organizations need to protect themselves not only from risks of configuration and management of the application elements themselves but also from risks originating via cloud application programming interfaces (APIs) and user interfaces (UIs). It is therefore of the utmost importance to start now to establish consistent visibility into cloud workloads, especially those that span multiple cloud environments.
With Flexibility Comes Less Visibility
While multi-cloud environments offer greater flexibility and business agility than ever before, that flexibility comes with less visibility: the more a multi-cloud environment is used and the further it expands, the bigger and more complex the digital attack surface becomes. The top security priority in multi-cloud environments, therefore, must be to integrate the various security instances into a unified security architecture for centralized visibility and control. This integration must be comprehensive, highly adaptable, and highly automated, because the differences between public clouds mean that policies and protocols cannot be translated manually, on the fly, as workflows move between cloud environments. With an integrated architecture designed to dynamically interconnect different cloud-native security solutions, organizations can address challenges in a proactive, holistic way to improve operational efficiency while decreasing risk.
The reality is, the larger the digital attack surface, the harder it is to monitor network traffic, which increases the risk of cyberattack. These challenges are due to:
- Limited visibility: Traditional security monitoring tools do not apply to cloud resources, services, or overall infrastructure deployments. Most security teams simply don’t have adequate tools for maintaining complete visibility in the cloud, let alone for multi-cloud. This can leave gaps in maintaining the required or compliant security posture, exposing workloads, organizations, and end customers to risks arising out of things like misconfigurations or vulnerabilities.
- Difficulty inspecting traffic: Even with accurate inventory management, monitoring traffic within and between clouds and detecting suspicious activity within that traffic is impossible without tools designed to see, correlate, and analyze traffic originating from different platforms.
- Complexity slowing investigations: Disparate security solutions don’t allow security teams to drill down into data to identify and assess specific suspicious incidents or to correlate threat intelligence collected across multiple environments. This slows time to detect as well as response times to attacks and breaches, increasing risk.
Move in the Right Direction
A first step to improving a multi-cloud security posture is to implement a centralized, real-time view of assets and resources across regions and clouds. The second step is to inspect all traffic, across all clouds, to evaluate legitimate traffic versus malicious traffic using a global threat-intelligence feed to identify suspicious activity. With tools like these in place, security teams can shorten the time to detection because they are able to drill down to threat data presented in full contextual detail.
Such capabilities are provided by cloud workload protection (CWP) solutions. CWP is just what it sounds like: it’s the process used to protect workloads that move across different cloud environments. Organizations that use private and public clouds, or any combination thereof, need to protect transactions and data at the workload level, not just at the endpoints.
Cloud workload protection solutions are also designed to help customers assure compliance and mitigate risks associated with Infrastructure-as-a-Service (IaaS)-based applications. CWP enables organizations to gain or regain visibility and control over their dynamic multi-cloud infrastructures, as well as:
- Support the shared responsibility model of any cloud deployment by looking at the configuration settings of any cloud vendor (public) as well as those of the organization (private).
- Address the challenge of ungoverned cloud data with high-capacity cloud-based data loss prevention (DLP) and malicious content inspection.
- Help organizations assure they are compliant with industry-specific security standards by comparing activity and configurations with policies required by standards, including PCI, HIPAA, SOX, GDPR, ISO 27001, and NIST.
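The centralized view and policy comparison described above can be illustrated by normalizing each cloud's firewall rules into one record shape and applying a single policy to all of them. This is an added example, not code from the article or from any vendor product; the sample exports are constructed and flattened from the providers' rule formats, the policy (no SSH or RDP open to all addresses) is an assumption, and only CIDR sources plus Azure's `*` and `Internet` wildcards are handled.

```python
import ipaddress

# Constructed sample exports, flattened from the shapes each provider's API
# returns; resource names and addresses are made up for this example.
AWS_SG = {"GroupId": "sg-example1", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
AZURE_NSG = {"name": "nsg-example", "securityRules": [
    {"direction": "Inbound", "access": "Allow", "sourceAddressPrefix": "*",
     "destinationPortRange": "3000-4000"},
    {"direction": "Inbound", "access": "Deny", "sourceAddressPrefix": "*",
     "destinationPortRange": "22"}]}
GCP_FW = {"name": "fw-example", "direction": "INGRESS", "sourceRanges": ["10.0.0.0/8"],
          "allowed": [{"IPProtocol": "tcp", "ports": ["22", "3389"]}]}
MGMT_PORTS = (22, 3389)  # assumed policy: SSH and RDP must not face the internet

def _ports(spec):
    """Parse '22', '3000-4000' or '*' into an inclusive (low, high) range."""
    lo, _, hi = ("0-65535" if spec == "*" else str(spec)).partition("-")
    return int(lo), int(hi or lo)

def normalize(aws=(), azure=(), gcp=()):
    """Flatten inbound allow rules into (cloud, resource, cidr, low, high)."""
    out = []
    for sg in aws:
        for p in sg["IpPermissions"]:
            for r in p["IpRanges"]:
                out.append(("aws", sg["GroupId"], r["CidrIp"],
                            p.get("FromPort", 0), p.get("ToPort", 65535)))
    for nsg in azure:
        for r in nsg["securityRules"]:
            if r["direction"] == "Inbound" and r["access"] == "Allow":
                src = r["sourceAddressPrefix"]
                cidr = "0.0.0.0/0" if src in ("*", "Internet") else src
                out.append(("azure", nsg["name"], cidr, *_ports(r["destinationPortRange"])))
    for fw in gcp:
        if fw["direction"] == "INGRESS":
            for a in fw["allowed"]:
                for port in a.get("ports", ["*"]):
                    out.extend(("gcp", fw["name"], c, *_ports(port)) for c in fw["sourceRanges"])
    return out

def violations(rules):
    """One policy for every cloud: no management port open to all addresses."""
    return [(cloud, res, port) for cloud, res, cidr, lo, hi in rules
            for port in MGMT_PORTS
            if ipaddress.ip_network(cidr).prefixlen == 0 and lo <= port <= hi]

print(violations(normalize([AWS_SG], [AZURE_NSG], [GCP_FW])))
```

The Azure finding comes from a port range that merely contains 3389, which a per-port string match against each provider's native format would miss.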
The Time to Start Is Now
Multi-cloud strategies are here to stay, and they will continue to expand as they become an increasingly critical component of a digital business strategy. At the same time, cyber adversaries are looking to take advantage of the fact that most organizations have little visibility into workloads moving between different cloud environments. And they are actively building complex, multi-vector attacks designed to exploit that vulnerability.
Organizations need to establish broad visibility, granular control, and automated detection and response across their multi-cloud environment. Tools like CWP are a good place to start, but the goal should be to build a full security fabric able to span and expand as a multi-cloud strategy grows. But they need to do it now, before their environments expand much further—or before cybercriminals decide to exploit those systems for their own purposes.