Digital transformation has pushed organizations to adopt a hybrid IT approach and has created a mix of on-premises and cloud infrastructure that must be supported and protected.
Unfortunately, while hybrid IT holds great promise for businesses when it comes to creating efficiencies and accelerating application and service delivery, it also presents a new set of challenges.
As cloud environments become more complex and distributed, bringing together a comprehensive view of cloud activity is a vital part of enterprise security. To embrace the cloud with confidence, there are five things every CISO needs to know.
Keep up with the new normal
Poor visibility can lead to all kinds of security risks, from data loss to credential abuse to cloud misconfigurations. It is one of the biggest challenges facing CISOs today when looking to adopt cloud technologies. In an Enterprise Strategy Group survey, researchers revealed that 33% of respondents felt that lack of visibility into the activity of the infrastructure that hosts their cloud-native applications was the biggest challenge related to the security of those applications.
That shouldn’t come as a surprise. Some of the difficulties companies face can be attributed to the rapid changes in the environment that DevOps introduces in the name of speed and scalability. From microservices to containers, modernizing your operation with cloud-native applications can come at a cost to security. For example, the short lifespan of microservices means they are frequently powered up and down, challenging organizations’ ability to maintain a clear view of their cloud environments. Containers face a similar challenge, as many are also short-lived. While this approach effectively reduces the attack surface, it also makes gaining full visibility more complex.
Another challenge to visibility is shadow IT. As DevOps teams balk at anything that slows them down, they often increase their use of shadow IT. This is not something done out of malice but out of necessity. If IT can’t respond to requests to provision resources quickly enough, or if developers prefer unapproved apps that they think will increase their productivity, IT may find itself out of the loop.
By definition, shadow IT is used out of sight of IT security, increasing the likelihood that vulnerabilities, misconfigurations, and policy violations will go undetected. Similarly, while the growth of user self-provisioning may be good for speed, it’s not without its drawbacks when it comes to security. By making the power to provision resources more decentralized, organizations can create an environment that enables greater agility but does so at the expense of visibility.
Meeting the challenge: five things you need to know
Embracing the cloud requires a comprehensive approach to security that emphasizes both real-time workload monitoring and protection. In the IDG Cloud Computing Study 2020 report, 92% of organizations said their IT environment is at least somewhat in the cloud. Additionally, 55% of respondents said they use multiple public clouds, with 21% using three or more.
Defending the multi-cloud environments that organizations must protect today requires keeping track of what’s happening across any number of cloud instances. While cloud providers often have their own tools, those solutions are typically designed for the provider’s infrastructure and not others, leaving many organizations in need of more advanced capabilities that can span multiple clouds so they can maintain security. and compliance.
The following are capabilities that CISOs should consider when looking to securely adopt the cloud:
- A solution that scales: As your organization grows, so will your security needs. An effective solution should be able to scale up or down as needed to provide the protection your organization requires across containers, multi-cloud environments, virtual machines, and more.
- Portability: Companies shouldn’t need to redo security every time they deploy a new cloud instance or use different cloud providers; security should be automated and extended to new cloud instances as they are deployed.
- Integrated security: Integrated security reduces complexity. CISOs should look for a cloud-native security platform that can offer cloud security posture management, cloud workload protection, and container security in a single, unified solution rather than relying on multiple solutions. tools and consoles.
- Always in: When it comes to cloud security, simplicity should be the rule. DevOps teams need to be able to enable automated security through their normal workflows to keep pace with the speed of application delivery and ensure they can meet security and compliance requirements.
- Comprehensive and Actionable: The security solution should monitor the environment and provide a comprehensive view of the organization’s security posture. By leveraging high levels of automation, the right security solution can speed time to remediation and reduce noise for security teams dealing with alert fatigue. Bolstered by threat intelligence, these capabilities will enable security teams to take more effective action.
a way to go
Whether on premises or in the cloud, protecting data, systems, and applications starts with having a clear view of what’s happening in your environment. As organizations look to expand their presence in the cloud, they must choose a solution that supports security and compliance throughout their IT environment. As a CISO, your mission should be to gain the visibility needed to continuously monitor threats and ensure compliance in the cloud. Doing so will help minimize risk in the new cloud-driven ecosystem while allowing DevOps to deploy applications with greater speed and efficiency.
For more information visit CrowdStrike here.
Connect with the author: david puzasCloud Security Product Marketing Manager
Copyright © 2022 IDG Communications, Inc.