While cloud opens a new world of scale and agility, there are some serious risks that need to be mitigated if moving to the cloud is to be a success. The chances are, if a company is using cloud, it is because they want to be closer to their customers and to have more interaction. This means exposing data that would traditionally sit behind a locked-down corporate perimeter to the big world. This can be done safely, but it needs planning and managing.
Security considerations in a Multi-Cloud world.
Once companies embrace the cloud and reap its benefits it is almost inevitable that they will become Multi-Cloud users. You may think that a multi-cloud environment may look like a CIO purchasing implementations from HPT, AWS, and Azure. What it actually looks like is different business units buying six different cloud solutions.
Each cloud will have its own native security tools, plus third-party firewalls, event management, AV, anti-malware, authentication, server build standards... The more tools, the more skills required, the more chances of a mistake, and the more complicated it is to monitor. Sound familiar from on-premise?
In a cloud environment, it’s also important to look for behaviors – things like suspicious or malicious actors connecting, outbound data flows, user behavior.
How we approach it
- We use BIOS Multi-Cloud, a single pane of glass to see our customers' cloud estate, whether it be on Azure, HPT, AWS or over 100 other clouds. We use this platform to provision workloads, and new workloads are automatically added to our Assured and Secured platforms. This allows us to see what is out there and to create standard server builds that incorporate policy and governance as per our clients' standards.
- We use BIOS Secured, which includes our SIEM-as-a-Service across multiple clouds, to see all connections in and out of a customer's environment so we can see suspicious activity and stop it in real time. We also perform continuous vulnerability scanning so we are aware as soon as software vulnerabilities emerge.
- We also standardize on one AV and anti-malware product, tie it into our alerting and ticketing platform, and password protect it. It includes behavior analysis, and we alert for things like multiple failed logins.
- We never have our backup on the same domain, or even the same cloud if we can help it. As long as data is recoverable, the business can survive an attack. If it is not, chances are the recovery will be very difficult.
- Authentication is always done with 2FA. One bit of advice we can give on passwords: use a random password generator. So many companies rely on their admin to come up with a password, and inevitably they choose a series of words they can remember. These are simple for hackers to crack.
Effective Cloud Security Means Using Cloud-Native Tools
Traditional security tools aren’t designed to handle the challenges of protecting multiple clouds. When you try this approach, the results tend to become siloed. For example, one security tool in one cloud may detect an attack. You can mitigate this attack and think you’re safe, only to miss the fact that your security tools on different clouds have missed the same kind of intrusion attempt.
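The siloing problem described above, as an added example (not BIOS's code and not part of the original article): one source spreads failed logins across three clouds, staying under each cloud's own alert threshold while exceeding it in a unified view. The event schema, threshold and window are assumptions, and the events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: login events from three clouds, already normalized to
# (cloud, timestamp, source_ip, user, outcome). IPs are from the RFC 5737
# documentation ranges.
EVENTS = [
    ("aws",   "2024-05-01T10:00:05", "203.0.113.7",  "admin",  "fail"),
    ("aws",   "2024-05-01T10:00:40", "203.0.113.7",  "root",   "fail"),
    ("azure", "2024-05-01T10:01:10", "203.0.113.7",  "admin",  "fail"),
    ("azure", "2024-05-01T10:02:30", "203.0.113.7",  "backup", "fail"),
    ("hpt",   "2024-05-01T10:03:15", "203.0.113.7",  "admin",  "fail"),
    ("hpt",   "2024-05-01T10:04:00", "203.0.113.7",  "svc",    "fail"),
    ("aws",   "2024-05-01T10:02:00", "198.51.100.9", "alice",  "fail"),
    ("aws",   "2024-05-01T10:02:20", "198.51.100.9", "alice",  "success"),
    ("azure", "2024-05-01T09:00:00", "192.0.2.44",   "bob",    "fail"),
    ("azure", "2024-05-01T11:30:00", "192.0.2.44",   "bob",    "fail"),
]

def failed_login_alerts(events, threshold=5, window=timedelta(minutes=10), per_cloud=False):
    """Return sorted keys whose failed logins reach `threshold` inside `window`.

    per_cloud=True models siloed tools: each cloud counts only its own events.
    per_cloud=False models one shared view: failures are counted per source IP
    across every cloud.
    """
    buckets = defaultdict(list)
    for cloud, ts, src, _user, outcome in events:
        if outcome != "fail":
            continue
        key = (cloud, src) if per_cloud else src
        buckets[key].append(datetime.fromisoformat(ts))

    alerts = []
    for key, times in buckets.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            # Advance the left edge until the span fits inside `window`.
            while t - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                alerts.append(key)
                break
    return sorted(alerts)

if __name__ == "__main__":
    print("siloed :", failed_login_alerts(EVENTS, per_cloud=True))
    print("unified:", failed_login_alerts(EVENTS, per_cloud=False))
```

With the same threshold, the per-cloud run raises nothing while the cross-cloud run flags the source, which is the gap uniform security data closes.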
BIOS Multi-Cloud offers a cloud-native security approach. With BIOS Multi-Cloud, users can deploy any workload onto any cloud, meaning that they can deploy the same security tools across multiple clouds, gathering uniform security data. With our support, administrators can standardize their security approach across every platform they use, making it that much easier to catch and mitigate intrusion attempts. For more information, check out our white paper on The Emergence of Multi-Cloud today!