How to Move Fast in the Cloud Without Breaking Security – insideBIGDATA

In this special guest feature, Asher Benbenisty, Director of Product Marketing at Algosec, looks at how organizations can solve the problems of managing and maintaining security in hybrid, multi-cloud environments. Also discussed is the common confusion over cloud ownership, and how organizations can get consistent control and take advantage of agility and scalability without compromising on security. Asher is an experienced product marketing professional with a diverse background in all aspects of the corporate marketing mix, product/project management as well as technical expertise. He is passionate about bringing innovative products that solve real business problems to the market. When not thinking of innovative products, Asher enjoys outdoor running especially by the ocean.

Move fast and break things is a familiar motto. Attributed to Facebook CEO Mark Zuckerberg, it helps to explain the companys stellar growth over the past decade, driven by its product innovations. However, while its a useful philosophy for software development, moving faster than youd planned is a risky approach in other areas, as organizations globally realized during the COVID-19 pandemic. While 2020 saw digital transformation programs advance by up to seven years, enterprises quick moves to the cloud also meant that some things got damaged along the way including security.

Arecent survey conducted with the Cloud Security Allianceshowed that over half of organizations are now running over 41% of their workloads in public clouds, compared to just one quarter in 2019, and this will increase further by the end of 2021. Enterprises are moving fast to the cloud, but they are also finding that things are getting broken during this process.

11% of organizations reported a cloud security incident in the past year, with the three most common causes being cloud provider issues (26%), security misconfigurations (22%), and attacks such as denial of service exploits (20%). In terms of the business impact of these disruptive cloud outages, 24% said it took up to 3 hours to restore operations, and for 26% it took over half a day.

As a result, Its no surprise that organizations have significant concerns about enforcing and managing security in the cloud. Their leading concerns were maintaining overall network security, a lack of cloud expertise, problems when migrating workloads to the cloud, and insufficient staff to manage their expanded cloud environments. So, what are the root causes of these cloud security concerns and challenges, and how should enterprises address them?

Confusion over cloud control

When asked about which aspects of security worried them most when running applications in public clouds, respondents overwhelmingly cited getting clear visibility of topologies and policies for the

entire hybrid network estate, followed by the ability to detect risks and misconfigurations.

A key reason for these concerns is that organizations are using a range of different controls to manage cloud security as part of their application orchestration. 52% use cloud-native tools, and 50% reported using orchestration and configuration management tools such as Ansible, Chef and Puppet. However, nearly a third (29%) said they use manual processes to manage cloud security.

In addition, theres competition for overall control over cloud security: 35% of respondents said their security operations team managed cloud security, followed by the cloud team (18%), and IT operations (16%). Other teams such as network operations, DevOps and application owners all figured too. Having different teams using multiple different controls for security limits overall visibility across the hybrid cloud environment, and also adds significant complexity and management overheads to security processes. Any time you need to make a change, you need to duplicate the work across each of these different controls and teams. This results in security holes and the types of misconfiguration-based incidents and outages we mentioned earlier.

How to move fast and not break things

So how can organizations address these security and management issues, and get consistent control over their cloud and on-prem environments, so they can take full advantage of cloud agility and scalability without compromising on security? Here are the four key steps:

With a network security automation solution handling these steps, organizations can get holistic, single-console security management across all of their public cloud accounts, as well as their private cloud and on-premises deployments. This helps them to solve the cloud complexity challenge and ensures faster, safer and more compliant cloud management making it possible for organizations to move fast in response to changing business needs without breaking things.

Sign up for the free insideBIGDATAnewsletter.

Join us on Twitter:@InsideBigData1 https://twitter.com/InsideBigData1

The rest is here:
How to Move Fast in the Cloud Without Breaking Security - insideBIGDATA

Related Posts

Comments are closed.