Why Your Hybrid Cloud Environment Is Most Likely in a Mess

You’ve started your journey—whether yours is a cloud migration story or a story of scale, you’ve begun to move your workloads to the cloud. And, to start, it’s been easy. Everyone knows the speed and agility that cloud promises. But, your environment consists of a little bit on-premise, some in public or private cloud, maybe a mix of Kubernetes and other virtualized technology. Welcome to hybrid…and your hybrid cloud security challenges. 

“Hybrid cloud often includes a combination of public cloud and private cloud, frequently in combination with some on-premise infrastructure.”- Accenture

One of the common trends we’re seeing is that organizations can’t meet their business and security goals in a hybrid environment because they are addressing the challenges tactically, rather than holistically. Or they are adopting practices that won’t scale with their changing environments.  
 
In short, using the same approach in your new cloud deployments is counterproductive. On one hand, the move to cloud is supposed to eliminate the issues of on-prem deployments such as inflexibility and limitations of scale. On the other hand, moving forward with legacy practices is like buying an electric car only to insist on using fuel to power it. This disconnect is often the result of on-prem network security teams working in parallel—rather than in collaboration with — cloud operations and security teams. These silos have made the problems worse as visibility is segmented across functions. For example, if a hybrid application is spread across on-prem and cloud infrastructure, the end-to-end visibility of each connection made by hybrid application components is lost.    

Firewall vendors aren’t helping either. Firewall vendors are proposing an easy, but short-sighted solution to the problem. Their approach suggests adding a firewall agent at every location of the application regardless of whether it is on-prem or (Read more...)

*** This is a Security Bloggers Network syndicated blog from Tufin - Cybersecurity & Agility with Network Security Policy Orchestration authored by Sattwik Gavli. Read the original post at: https://www.tufin.com/node/3411