Organizations have multiple reasons for embracing a multi-cloud strategy. First, it enables them to avoid “vendor lock-in” where they need to rely on a single vendor for all their cloud-based needs. Second, it empowers them to take advantage of the perks offered by several cloud service providers at once. Lastly, such a strategy helps to protect them against data loss and/or downtime, as an issue in one environment won’t necessarily spill over into another.

But a multi-cloud strategy isn’t always easy. With multiple cloud environments to manage, some organizations struggle to maintain compliance with regulatory standards. They also might not have the necessary tools to manage vulnerabilities across their entire cloud infrastructure.

This reality raises several questions. How do teams view the security challenges associated with multi-cloud environments? And how are organizations working to address those factors?

More Complexity, More Challenges

To answer those questions, Tripwire commissioned Dimensional Research to survey 314 security professionals who held direct responsibility for securing their respective employer’s public cloud infrastructure. Their responses help to illuminate the state of cloud security for enterprise environments in 2021.

First, 73% of survey participants told Dimensional Research that their employer was using a multi-cloud environment. Those individuals cited all the benefits of using such a strategy that I discussed above. They also mentioned how multi-cloud environments in some cases align with their business requirements. Indeed, 41% pointed out how different teams, departments, and/or lines of business have standardized on different providers, making it essential for organizations to work with more than one cloud deployment. Similarly, approximately the same proportion (40%) indicated how some of their apps require specific providers.

“Survey: Securing Public Cloud Infrastructure,” page 5
“Survey: Securing Public Cloud Infrastructure,” page 5

Even so, 98% of infosec professionals with multi-cloud environments agreed that such an approach created additional security challenges for their organization. (Read more...)