
Cloud sweet spot

by Mark Rowe

Cloud success means finding the sweet spot between agility and security, says Nick Lowe, VP EMEA at the firewall management and network security company Tufin.

Cloud migration has been high on the corporate agenda for a number of years thanks to the benefits it can deliver in flexibility and agility. But the pandemic suddenly meant that these factors were no longer competitive advantages. Instead, they became essential for keeping businesses functional. As a result, it is estimated that many businesses accelerated their cloud migration plans by as much as three or four years. However, the rush to move operations to the cloud and facilitate remote working meant that many organisations left their infrastructure more vulnerable to cyber threats. Hybrid arrangements in particular can result in complex environments that are prone to security gaps.

Around 40 per cent of organisations are believed to have suffered a cloud-based data breach in the last 12 months, and cloud breaches will become more commonplace unless organisations can get their newly expanded environments under control. So how can organisations regain control of their expanding cloud environments without sacrificing the speed of their cloud migration plans?

How hybrid and multi-cloud architectures increase complexity

For organisations that accelerated or kickstarted their cloud migration strategies over the past two years, the greatest hurdle is the jump in complexity. Traditional IT environments are already complex, and adding cloud technology to the mix makes visibility and management even more challenging. Cloud environments are far more dynamic, and gaining full visibility across the entire network infrastructure is more difficult, particularly in the case of hybrid and multi-cloud environments. It is estimated that 92 per cent of enterprises now use a multi-cloud strategy, with businesses deploying two or three private and public clouds on average. A multi-cloud approach has become a viable choice for most as it boosts resiliency and enables firms to choose the best providers for different needs.

Around 82 per cent of enterprises are also using hybrid approaches that mix cloud and on-premises infrastructure together. This strategy is common among firms that are still in the midst of their cloud migration journey, but also offers increased resiliency and other benefits, as well as being necessary for specialist systems that cannot be migrated.

However, these strategies also increase the complexity of the IT environment and quickly increase risk exposure unless the firm has the capability to monitor and manage all the moving parts. Rushing into more complex hybrid and multi-cloud setups often results in configuration issues that can be quickly exploited by threat actors. For example, a customer database may be duplicated in the cloud without proper access policies, making it far easier for attackers to access and exfiltrate sensitive data.

Closing the gaps

The most common challenge we see organisations struggle with is marrying their security policies and procedures across their on-premises and cloud environments. The way the two environments operate can be drastically different and attempting to ‘copy-paste’ on-premises policies onto cloud infrastructure can be like trying to fit a round peg through a square hole. Similarly, it can be difficult to introduce new policies that cover different environments without creating gaps or unintended consequences.

This is exacerbated by the fact that, in a departure from on-premises assets, many cloud services do not have IP addresses, making it even more difficult to gain visibility of access and connectivity rights.

Organisations need to make sure that all policies can be continuously monitored from a single central hub, regardless of the environment. It is essential for organisations to be able to know on demand what assets and services are being used, what their security configurations are, and the level of risk they represent. Achieving this will provide a full overview of how the different elements of their IT infrastructure connect and communicate, mitigating the risk of threat actors running rampant with overly generous access credentials or overlooked connections.

This visibility also makes it easier to understand and predict how policy changes might impact the entire infrastructure, allowing network management and security teams to make more informed decisions. Crucially, a centralised approach is also essential for delivering effective automation.

Why automation is paving the way

Whereas traditional on-premises environments are fairly static, the cloud’s defining feature is its dynamic nature, with systems being scaled up and down as needs change. Automation is the key to facilitating these dynamic changes without creating unnecessary risk. With the entire infrastructure connected to a single hub, new policies can be automatically applied to all the disparate elements without creating gaps or inconsistencies that can be exploited. Greater automation also drastically reduces the manpower and resources required to manage and secure the network, freeing up personnel for more high-value tasks.

For example, microsegmentation and access policies can be automatically created and assigned based on application context and workload, ensuring that all systems are following a least privilege principle. All east-west and north-south traffic can also be automatically monitored to provide network and security teams with full visibility of any suspicious activity or compliance issues.

In order to take full advantage of the agility the cloud offers while ensuring security, organisations must adopt a network security management solution that delivers real-time visibility across their complex hybrid network and a unified policy engine that supports on-prem and cloud. Finally, everything needs to be tied together with the automation of network change processes and risk analysis.
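As an added illustration (not from the article and not any vendor's product), the Python example below shows one way a unified policy check can work: on-premises rules keyed by IP range and cloud rules keyed by workload tag are normalised into the same zone-to-zone form and compared against a single allow list. All zone names, tags, rule ids and addresses are constructed for the example.

```python
import ipaddress

# Unified policy (constructed): the only zone-to-zone flows allowed, with ports.
POLICY = {("web", "app"): {8443}, ("app", "db"): {5432}}

# Constructed inventory: on-prem zones are CIDRs, cloud zones are workload tags,
# because many cloud services have no stable IP address to write a rule against.
ONPREM_ZONES = {"web": "10.1.0.0/24", "app": "10.2.0.0/24", "db": "10.3.0.0/24"}
CLOUD_TAG_ZONES = {"tier=frontend": "web", "tier=api": "app", "tier=customer-db": "db"}

def zone_of_cidr(cidr):
    """Map a CIDR to a zone, or 'any' if it is not contained in a known zone."""
    net = ipaddress.ip_network(cidr)
    for zone, zone_cidr in ONPREM_ZONES.items():
        if net.subnet_of(ipaddress.ip_network(zone_cidr)):
            return zone
    return "any"

def normalise(rule):
    """Turn an on-prem (IP) or cloud (tag) allow rule into (id, src, dst, port)."""
    if rule["env"] == "onprem":
        return (rule["id"], zone_of_cidr(rule["src"]),
                zone_of_cidr(rule["dst"]), rule["port"])
    # Unknown tags fall back to 'any' so unclassified workloads are flagged.
    return (rule["id"], CLOUD_TAG_ZONES.get(rule["src_tag"], "any"),
            CLOUD_TAG_ZONES.get(rule["dst_tag"], "any"), rule["port"])

def violations(rules):
    """Return ids of allow rules that the unified policy does not permit."""
    bad = []
    for rule_id, src, dst, port in map(normalise, rules):
        if port not in POLICY.get((src, dst), set()):
            bad.append(rule_id)
    return bad

RULES = [  # constructed sample allow rules from both environments
    {"id": "fw-12", "env": "onprem", "src": "10.1.0.0/24", "dst": "10.2.0.0/24", "port": 8443},
    {"id": "fw-40", "env": "onprem", "src": "0.0.0.0/0", "dst": "10.3.0.0/24", "port": 5432},
    {"id": "sg-a1", "env": "cloud", "src_tag": "tier=api", "dst_tag": "tier=customer-db", "port": 5432},
    {"id": "sg-b7", "env": "cloud", "src_tag": "tier=frontend", "dst_tag": "tier=customer-db", "port": 5432},
]

if __name__ == "__main__":
    print(violations(RULES))
```

The two flagged rules are the over-broad on-premises rule exposing the database zone to any source and the cloud rule that lets the frontend tier reach the customer database directly, the kind of gap that appears when a database is duplicated in the cloud without matching access policies.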

A highly automated approach becomes even more important when considering the number of stakeholders involved. Engineering, DevOps and Cloud Architecture teams are constantly deploying workloads on complex, hybrid and multi-cloud environments, so dynamic and reliable security policies are crucial.

With a centralised, automated approach across on-prem, hybrid cloud, and cloud-native, organisations can gain full control of the entire infrastructure, regardless of how it divides across different cloud and on-prem environments. Better yet, they will be able to move with agility and decisiveness as their cloud journey continues, regardless of any unexpected bumps in the road.


© 2024 Professional Security Magazine. All rights reserved.
