Following the pandemic, even more companies seem set to embrace a multi-cloud approach. That’s great but staying secure requires careful planning.
You are only as secure as your weakest link, so the saying goes. It’s certainly true when it comes to cyber security. The bad guys will find the gaps in your system and exploit them. In a multi-cloud environment, the weak links might be between platforms.
That could be a growing risk in the near future, based on our remote working questionnaire. We found that 38 per cent of respondents said they plan to move workloads to Azure in future, considerably ahead of AWS (15 per cent) and private cloud (10 per cent). However, two-fifths of respondents (40 per cent) said they would be moving workloads to more than one platform, with three per cent saying that they would be using as many as five.
Such a multi-cloud strategy is becoming more common. One recent report said that 93 per cent of enterprises already have one. Once, it was something that happened unintentionally, perhaps because different teams had independently selected different platforms. Now, however, companies are taking a multi-cloud approach because they can pick the best solution for each use case and reduce their dependence on a sole provider.
There are certainly benefits, but any multi-cloud strategy must pay careful attention to security. This is likely to be a challenge. In our survey, when asked about securing remote working, more than half of respondents (54 per cent) said “it’s complicated”. If your response to securing remote workers is a Facebook relationship status, then you really do need to take time to plan when it comes to securing multi-cloud.
Hardware firewalls aren’t enough. Organisations need to consider encryption, advanced threat defence (ATD), malware protection, SSO and access control. And it isn’t just the links between public cloud platforms that must be secured. Many organisations also have a managed private cloud as part of their estate, and this too is part of the security picture.
All of this has to be secured in such a way that users have a seamless experience. Security that gets in the way of what users want to do ends up being frustrating and may even drive users to find their own ‘shadow IT’ solutions, which could create more security risks.
To make multi-cloud manageable, one of the most effective solutions is to partner with a provider who can handle security across your estate, whether that’s on-prem, private cloud, public cloud or a combination of the three. A good partner can offer single pane of glass dashboarding and reporting across the whole architecture. This is vital because it helps you maintain visibility and ensure that quiet corners of the IT estate don’t get forgotten.
The good news is that as multi-cloud becomes more common, the industry will gain more experience in keeping these architectures secure. However, no two multi-cloud operations will be alike, so there will be no off-the-peg security solution. Companies need to maintain focus on security or find a qualified partner to handle it for them. Get in touch with our experts today for a free, impartial chat to learn more.