Mitigating Risks in Cloud Migration

Companies are moving to incorporate the cloud into their computing infrastructure at a phenomenal rate. This is, without question, a very positive move. It permits companies to scale processing resources up and down in response to changing demands, giving companies the operational equivalent of unlimited resources while paying only for the resources that are actually used.

But there are side effects. Every trend that changes the computing infrastructure being protected has the potential to generate a change in the systems used to provide protection.

Trends & The Problems They Bring With Them

The Cloud Explosion

The move to the cloud would be better described as a stampede than a migration. According to a recent Uptime Institute survey of 1000 IT executives, a majority believe that more than 50% of workloads will reside in the cloud. Attendees at 2017 AWS Re:Invent believe that 83% of workloads will be in the cloud by 2020. Cisco believes that 94% will be cloud-based by 2021.

Moving all of these workloads into a new technical environment will require millions of IT professionals to become knowledgeable about cloud operations. The influx of inexperienced people will create new security risks when they misconfigure cloud subscriptions, storage configurations and other systems. This problem is already evident today. According to a recent survey of 300 security professionals, 51% reported that their companies experience misconfigurations at a rate exceeding 50 per day. In these companies, one full time equivalent engineer is required simply to correct newly introduced configuration errors.

Multi-Cloud

To compound the problem a little further, a recent Forbes article states that 81% of surveyed companies employ a multi-cloud strategy. Companies wish to use multiple cloud providers to create resilience against failures/outages.

The presence of three or more cloud providers force security personnel to monitor assets in each environment. (Read more...)