Follow Tweet This Facebook LinkedIn
Industry talking to customers What's this?

Four ways to develop a hybrid cloud security strategy

Published: November 29th, 2019 By: IT World Canada

Fortinet

According to recent research, organizations today use an average of 5 clouds on average including public and private. Do these numbers sound familiar? If so, then you’re no doubt acquainted with the work that goes into managing multiple cloud environments, each requiring their own set of resources and unique security profiles.

And it doesn’t stop there. Studies show that the average employee uses at least eight different apps. At companies with more than 1,000 employees, that number jumps to well over 200. And remember, these are only the apps that IT departments actually know about. A whopping 93 percent of respondents in one survey said they regularly deal with Shadow IT – which is the surreptitious use of unsanctioned cloud services and apps.

So, what does all this mean? Namely, that the move to the cloud, largely viewed by now as a given, has introduced far more uncertainty into organizations than we’ve been led to believe. In fact, a study by HIS Markit Technology found that of the 350 organizations surveyed, 74% had moved an application into the cloud and then moved it back into their own infrastructure. As a result, ensuring consistent security for the applications, workloads, and other resources that move across and between different cloud environments involves a nearly impossible level of complexity, especially when the right strategies and tools aren’t in place.

That’s why success in a hybrid cloud environment must start with a strategic vision that will guide investments. Ready to get started? Here are the four essential pillars on which successful hybrid cloud strategies are built:

  1. Focus on Cloud Integrated Security
    Generally speaking there are two types of cloud security solutions. The first are point solutions designed for on premise environments that “sit atop” cloud infrastructure. The second are cloud native, “built-in” cloud solutions designed to take advantage of integrated cloud APIs and services developed by the cloud provider.
    At the very least, organizations should be aware of these distinctions. But the evidence is clear: the more security solutions used that natively integrate with cloud-based services, the more secure the organization. Even fewer of these solutions run natively across multiple clouds, But for those that do, leveraging the native security capabilities of all clouds and cross-integrating them into a multi-cloud security framework allows organizations to turn the risk-multiplication effect they fear into a security-multiplication effect that actually works to their advantage.
  2. Step Back and Truly Analyze Your Needs
    Just as “the cloud” is a nebulous, hard-to-define concept, so too is “cloud security.” Cloud environments are complex. Not only does each cloud platform require different solutions or strategies, so do the various functional areas within each platform. Agile application development, for example, requires security tools that can be integrated directly into application code to ensure things like secure transactions and data protection and prevent application tampering. Cloud infrastructures require NGFWs, web application firewalls, IPS systems, and advanced threat protection solutions. SaaS applications require things like sandboxing, CSPM/CWPP, and other security services to ensure that access to applications and data can be controlled.
    Take a careful look at your infrastructure today, and consider how it may evolve – and find a security solution strategy designed to handle as many of these different needs as possible, now and into the future.
  3. Seek to Minimize Complexity and Maximize Visibility
    The goal here is clear – pave the way to deploy a sound cloud security platform and then focus on reducing the effort needed for IT departments to deploy, configure, update, and coordinate that platform.
    This is easier said than done. Solutions deployed in different cloud environments usually don’t natively talk to each other or share the same descriptions for similar resources, events, or policies. This can make it impossible to implement consistent security policies between environments, leaving inadvertent security gaps that cloud-savvy cybercriminals are all too willing to exploit.
    Security in the context of cloud means being prepared to implement layers of security that can be automatically translates across and between different environments. This requires the use of cloud connector technologies designed to provide seamless, on-the-fly policy and configuration translations between cloud environments to ensure consistent security end-to-end.
  4. Emphasize Centralized Control
    Want to avoid raising IT security overhead in a cloud environment? Move to a security platform that can tie together all of the various security elements you need through a single-pane-of-glass management interface. This should include configuration management and assessment, policy and update orchestration, event and intelligence correlation, as well as the ability to oversee a coordinated response to malware and breaches.

Complexity is the Enemy of Security
Cloud deployments are likely to remain in flux for the foreseeable future. To put themselves in the best possible position, IT leaders need to establish the right cloud security framework now – one that properly guides implementation and then securely extracts the most success from future digital transformation plans.

Learn more about other major cloud trends from the IHS Markit survey commissioned by Fortinet here.

Learn more about how Fortinet’s multi-cloud solutions provide the necessary visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.