How can organisations bridge the gap in cloud visibility? asks Adrian Rowley, pictured, Senior Director at the cloud and data centre security company Gigamon.
Organisations are now making cloud adoption a central business objective in response to the need for more agile solutions, growing customer expectations and pressure to continue digital transformation. However, many organisations are struggling to optimise the cloud environment and ensure the security of their data within it. Simply taking a ‘lift-and-shift approach’ often prevents organisations from yielding the full potential of cloud infrastructure. In some instances, this can create significant complexity and make IT architecture more expensive, cumbersome and – most critically – vulnerable to bad actors.
Cloud computing is not a one-size-fits-all, which is why a large number of organisations may choose a multi-cloud or hybrid-cloud. A study by Flexera revealed that in 2020, 87pc of organisations adopted a hybrid cloud strategy. There are several reasons why an organisation may choose to go down this route – combining both public and private cloud solutions can help with security, scalability, cost and efficiency. Despite these benefits, if not integrated correctly this approach can also create significant challenges for IT departments. The biggest challenge being a lack of visibility. Ensuring visibility into an organisation’s cloud activities is foundational in cloud governance and without it, can pose risks to security, performance and cost. But more often than not, it is overlooked.
Cloud technology was a vital lifeline for organisations who were impacted by the pandemic. Yet the rapid, often rushed adoption of cloud over the past 18 months has led to visibility challenges. Known as the ‘hybrid cloud visibility gap’, the term refers to how tools that were made for the IT environment before the shift to multi and hybrid clouds do not allow a unified view into the new, combined landscape. This produces a situation where each cloud becomes its own ‘island’ of visibility, operating separately from the others. It is crucial that NetOps teams can establish a unified view of their network in order to protect their organisations from potential threats.
A risk for security and compliance
Organisations that have a gap in their cloud observability will find it difficult to detect threats and monitor traffic, making them far more vulnerable to cyberattacks; you simply cannot understand or mitigate the threats you cannot see. It’s also key to recognise that if SecOps teams are relying on less reliable information sources, such as application logs or trace files, they will not be able to collate an aggregated view of all the data. A ‘single pane of glass’ view into everything running across a network – including east-west traffic – will be critical for organisations looking to bolster their cyber strategy in a time where cybersecurity is more crucial than ever.
Over the last 18 months, 79pc of companies have experienced at least one cloud data breach, with 43pc reporting ten or more breaches during that period. The likelihood of a vulnerability in cloud security is a huge concern for business leaders, and one that can deter them from cloud adoption altogether. Therefore, it is essential that businesses prioritise security and see the value in maintaining clear visibility into all data-in-motion within the hybrid cloud.
The added impact
It’s not all a security issue. Experiences are at the heart of the human condition and a visibility gap within a hybrid cloud infrastructure can negatively impact a customer’s digital experience. Without a holistic view of the networks, digital transformation becomes more difficult and application errors can go unnoticed, while network bottlenecks can put additional pressure on NetOps teams. Consequently, users will experience slower, less agile services, making it challenging to gain access to the network. Whilst it is expected that organisations will face the occasional technical issue, it is paramount that these issues can be remedied as quickly and efficiently as possible, if organisations want to avoid detrimental consequences. If visibility is achieved, IT teams will be able to maintain a high-functioning, secure digital environment that will deliver the best possible customer experience.
Adopting a hybrid infrastructure also creates complexity, and with complexity comes cost. Multiple teams, multiple tools and multiple agents feeding those tools all generate unnecessary network traffic that uses expensive bandwidth and CPU capacity. As part of an organisation’s digital transformation strategy, they must rebuild current workloads in the cloud. If this process becomes too complex and there is not clear visibility, there could be a direct impact on digital transformation. Achieving unified visibility will also help businesses overcome the complexities of a hybrid environment, leading to better data optimisation and cost reduction.
In this era of rapid technological change, it is imperative that organisations develop a well-defined cloud strategy that ensures clear visibility into their hybrid cloud solutions. Building a consolidated view of a cloud environment will support SecOps teams in protecting their organisations from attacks. In the long term, by closing the hybrid cloud visibility gap, businesses can improve efficiency, security and resilience, as well as reduce complexity and cost.
