Why a Cloud Transformation Must Include Multi-Tenant Isolation
People Are Moving to the Cloud
The cloud permeates our day-to-day life, influencing everything from our family vacation photos to our most sensitive credit card data. Modern businesses are increasingly experiencing the same trend—the shift to cloud-based applications and workloads is occurring at an unprecedented rate. According to Forbes, the cloud will host 83 percent of enterprise workloads by 2020, a 10 percent increase over 2018.
This transformation stems in large part because of decreasing risk associated with cloud technologies. A traditional argument against the public cloud used to be “What happens when the cloud goes down?” However, cloud service providers such as Amazon, Google, and Microsoft stake huge portions of their revenue streams on the cloud and have evolved their public cloud offerings in ways that propagate always-on, 24/7 cloud access.
The benefits of a cloud transformation aren’t strictly limited to end-user productivity. Moving to the cloud allows IT security teams to leverage the same tools across the entirety of a company’s network, reducing learning curves and training times as well as management overhead. The positives for a cloud migration, for both an enterprise and its IT staff, are incredible.
When moving to the cloud, though, security is paramount. If running in a multi-tenant public cloud, your company’s data could share physical infrastructure with other companies’ workloads—putting added pressure on security teams that must be extra-vigilant against threats that could spread through the cloud. The dynamic, open nature of the Internet makes end users’ devices unequivocally more susceptible to cyberattacks. Unfortunately, organizations continue to rely on the same detect-and-respond approaches to cybersecurity to protect an ever-changing attack surface. A new, proactive approach to cybersecurity is needed.
Internet isolation is a security architecture that fits the bill by air-gapping an enterprise network from the public web while allowing users to have access to the Internet.
Not All Isolation Solutions Are Created Equal
Isolation technologies such as VDI, client- and server-side isolation, and remote browsing fall short in four key areas: geographic reach and scaling, increased network/endpoint load, latency issues, and heavy resource or hardware investment.
Industry leaders have attempted to solve these issues, yet have failed in critical areas. Take, for example, the typical vendor’s approach to scaling: They spin up VMs in a new private cloud deployment for each customer, creating a non-elastic, high-latency, localized cloud with non-permanent guaranteed uptime. Another example is the problem of resource usage. Visual streaming solutions use 10 times the amount of bandwidth as native solutions. In short, the industry has yet to figure out how to mitigate these four pain points in one solution.
Internet isolation can become incredibly costly when considering the resource and hardware costs associated with running huge numbers of VMs. Bandwidth usage and server costs increase rapidly when attempting to run an on-premises isolation platform. Additionally, space or hardware limitations can hamstring the success of the solution—what, after all, is the point of running an isolation platform if latency is high or an IT team finds it incredibly difficult to manage? It’s clear that on-premises Internet isolation is doomed to fail.
Introducing the Internet Isolation Cloud
A properly architected cloud-hosted isolation solution can solve both of these issues. Menlo Security offers a fully managed multi-tenant elastic cloud that provides low latency, 99.999 percent uptime, and global scaling. The multi-tenant cloud allows remote offices, remote workers, and traveling users to get the same low-latency experience worldwide, supported by a multilingual 24/7/365 support team. New users are instantly onboarded through Capacity Auto-Scale, and updates don’t cause downtime in the cloud, allowing Menlo Security to provide a global infrastructure with world-class reliability and scalability. This means that companies can leverage cloud economics and take advantage of the cloud’s wide reach and low cost.
Cloud-hosted VMs also remove the security and performance issues traditionally associated with a public cloud. Menlo’s Internet Isolation Cloud renders documents in disposable virtual containers and converts them to HTML5, removing potentially harmful active content. Rendering documents online obeys performance and user-experience constraints, because the performance bottleneck is blown wide open. The user experience is preserved as if the browser is being run natively, yet all links are locked down.
The Multi-Tenant Cloud: A Summary
Multi-tenant clouds are uniquely positioned to take advantage of the widespread shifts toward cloud technologies. By harnessing the power and economics of a public cloud, the multi-tenant cloud accelerates and eases the cloud transformations of organizations everywhere. By placing the operational burden of running the cloud in the hands of the cloud provider, multi-tenant clouds also reduce IT management and overhead. These clouds are generally unsecured, however, which understandably makes security teams nervous. That’s where Menlo Security comes in.
Menlo Security can secure multi-tenant clouds by isolating traffic and keeping it out of the hands of threat actors. With a proactive, isolationist approach, Menlo Security prevents 100 percent of browser-based malware from reaching the end user and maintains the native user experience. The only organizations that can take full advantage of a cloud transformation are those that embrace an Internet isolation approach, as the proactive security and scalability of Internet isolation fits seamlessly into a cloud environment.
*** This is a Security Bloggers Network syndicated blog from Menlo Security Blog authored by Mehul Patel. Read the original post at: https://www.menlosecurity.com/blog/why-a-cloud-transformation-must-include-multi-tenant-isolation
