Ensuring cloud security in multicloud and hybrid IT environments can be a difficult task
There are two sides to every coin, as the old saying goes. It’s certainly the case with the cloud, as organizations of all sizes take advantage of the improved agility, scalability and cost savings it offers. Our recent survey conducted with the Cloud Security Alliance showed that 59% of organizations are now running up to 40% of their workloads in public clouds, and those running over 60% of workloads in the cloud had doubled in the past two years.
But on the flip side, the survey also revealed that 81% of enterprises have significant concerns about enforcing and managing security in the cloud. These centered on the risks of attacks causing data breaches, maintaining regulatory compliance and the complexity of managing security and change processes effectively across their cloud and on-premises environments. So what’s causing these cloud security concerns and challenges and how can enterprises address them?
Poor Cloud Visibility = Fragmented Management
When asked what aspects of managing security they found challenging in clouds, respondents cited detecting misconfigurations as the biggest challenge, together with a lack of visibility into the entire cloud estate. Audit preparation and compliance, holistic management of cloud and on-prem environments and managing multiple clouds were also prominent concerns.
A key reason for these problems is that organizations are using a range of different controls to manage their cloud security. According to the responses, 33% use orchestration and configuration management tools and 30% use the cloud provider’s controls, while nearly 22% are not certain exactly which tools they are using. If IT and security teams have to use multiple different controls, it limits their visibility into cloud environments and adds significant complexity and management overhead to their security processes.
These fragmented processes lead to mistakes that cause cloud problems: Of the respondents, 11.4% reported a cloud security incident in the past year and 42.5% experienced a network or application outage. It’s no surprise that the two main causes of these incidents were operational or human errors in managing devices and device configuration changes.
The fundamental problem is that because public cloud deployments are so easy to spin up, it’s easy to overlook just how complex it can be to secure and manage them. Even if you are using a single public cloud platform such as AWS, each cloud account is different. Some accounts will work across multiple regions and have multiple security controls associated with each. Each element will probably have an individual configuration that’s not centralized. This means that any time you need to make a change, you need to duplicate the work across each of these different accounts. With so many moving parts, managing and securing these multiple accounts is a hugely complex task.
Easing the Task of Cloud Security
So how can organizations get control over their multiple cloud accounts and manage them consistently, so they can take full advantage of the agility and scalability the cloud offers without compromising on security? Here are the four key steps:
Gain Visibility Across Your Networks
As touched on earlier, a lack of visibility across cloud estates was the main security challenge for 36% of our survey respondents. To address this challenge, organizations need to get holistic visibility across all of their different cloud accounts, including the security controls that are being used both in the cloud and to manage traffic to and from the cloud environments. This enables IT and security teams to quickly identify any potential security issues or risks that could lead to outages.
Manage Changes From a Single Console
When using a mix of the cloud providers’ security controls as well as other controls, both in the cloud and on-premises, it’s a huge challenge for organizations to manage policies consistently. If all these diverse security controls are managed from a single console using a single set of commands and syntax, security policies can be applied consistently. This avoids duplication of effort and the error-prone manual processes that lead to misconfigurations and outage. It also provides a full audit trail of every change.
Automate Security and Compliance Processes
Automation is essential to managing cloud environments with multiple public cloud accounts efficiently while orchestrating changes across a complex array of security controls. Automation brings speed and accuracy to managing security changes across cloud environments. It also accelerates audit preparation and helps ensure continuous compliance. This is a key point, as more than 75% of our survey respondents found compliance and preparing for audits to be challenging when managing public cloud resources. Automation also helps organizations overcome skills gaps and staffing limitations, which were cited as a concern by nearly three-quarters of respondents already using the cloud.
Link Cyberattacks to Business Processes for Faster Mitigation
The CSA survey revealed that organizations are concerned about attacks and breaches and are ill-prepared to combat them. Nearly 90% rated unauthorized access, data breaches, infiltration and denial-of-service attacks as top concerns. Security management solutions that integrate with SIEM or SOAR tools can help to address these concerns by accelerating incident response. As soon as a threat is detected by the SIEM or SOAR product, the management solution can identify all the applications and servers that the threat could impact. The solution can then mitigate the threat’s risk by automatically isolating any affected servers or devices from the network, preventing lateral movement.
With a network security automation solution handling these steps, organizations can get holistic, single-console security management across all of their public cloud accounts, as well as their private cloud and on-premises deployments. This helps them to solve the cloud complexity challenge and ensures faster, safer and more compliant cloud management.