Designing a Security Strategy for Defending Multicloud Architectures

Complex security issues arise when different clouds and computing models interact.

Etay Maor, Senior Director of Security Strategy, Cato Networks

July 24, 2023

4 Min Read
Cloud security concept art
Source: Kittipong Jirasukhanont via Alamy Stock Photo

The rapid surge in cloud adoption, with 67% of enterprise infrastructure cloud-based, indicates that cloud computing's advantages far outweigh its challenges. Various models have emerged to address specific organizational needs. For instance, hybrid cloud helps with compliance and data residency issues; private cloud enables customizations; and multicloud architecture can prevent vendor lock-in.

However, one persistent challenge remains despite the efforts of cloud service providers: Complex security issues arise when different clouds and computing models interact.

The Growing Trend of Multicloud in Business

Most large organizations support multicloud deployment because multicloud provides businesses with the agility, performance, and adaptability needed to navigate complex and dynamic computing needs. It gives them freedom from potential vendor lock-in, the choice to pick best-of-breed cloud services, and the ability to leverage pricing variations by strategically distributing workloads across clouds. Despite all these benefits, 94% of organizations find themselves fretting over cloud security. They struggle to design a security strategy that spans all platforms and clouds in their IT environment.

Security Challenges of Multicloud Deployments

Multicloud deployments present unique challenges beyond sharing the cloud's typical security challenges. These include:

  • Increased attack surface: Multicloud means a multifold attack surface. As the number of cloud environments and services increases, so does the possibility of unforeseeable security vulnerabilities. Different cloud environments can expose organizations to new kinds of security threats not present in traditional IT environments. Organizations face the added challenge of addressing risks associated with each environment.

  • Platform-specific security solutions: Each cloud provider offers an array of security controls and services tailored to their particular environment. In some cases, extending these solutions and services to other cloud environments requires complex security configurations. In other cases, it becomes outright impossible due to inherent incompatibilities. Ensuring that security solutions are compatible, effective, and consistent across all environments is critical.

  • Fragmented visibility: With data and applications spread across multiple clouds, achieving comprehensive network visibility and monitoring is difficult. If a security incident occurs, coordination and collaboration between cloud providers can be a problem, resulting in a disjointed, inefficient incident response. Establishing incident response procedures, data collection mechanisms, and forensic capabilities that work seamlessly across cloud platforms is essential but also challenging.

Cracking the Code of Multicloud Security

Multicloud enterprises need a modern security strategy that can ensure the safety of users, data, and systems anywhere they are. Ways to do this include:

  • Embrace network-level security: Implementing security measures at the network level allows organizations to enforce consistent security policies and access controls across the entire hybrid and multicloud setup. It provides visibility into network traffic patterns, allowing organizations to monitor and analyze data flows across their multicloud infrastructure. This helps in detecting anomalies, identifying potential security incidents, and facilitating prompt incident response and forensic investigations. Multicloud security needs network-level access control strategies like zero-trust network access (ZTNA), which is a core secure access service edge (SASE) component. It grants users and applications the minimum privileges they need to perform specific tasks, reducing the risk of unauthorized access and lateral movement of threats across cloud environments.

  • Ensure global reach: In a multicloud environment where data and resources are spread across multiple regions and countries, security measures and services need to have a global reach. This is hard to achieve with on-premises security deployments that require backhauling all traffic flows. Multicloud enterprises need a cloud-native, globally distributed security infrastructure that allows them to inspect and secure network traffic at the edge, closer to its source, regardless of its destination. In addition to reducing latency and improving performance, global reach provides the resilience and redundancy required for business continuity and regulatory compliance.

  • Adopt a comprehensive security portfolio: Different cloud platforms introduce unique security challenges and vulnerabilities. To mitigate all cloud-specific threats, a security portfolio should include firewall-as-a-service (FWaaS) for scalable and centralized security; ZTNA for secure connectivity across multicloud environments; cloud security access broker (CASB) for data visibility, control, and security as it moves between clouds; secure web gateway (SWG) for guarding against Web-based threats; and more. Securing multicloud architectures demands a defense-in-depth (DiD) approach, where multiple levels of security controls overlap to provide a layered security posture. With this type of unified stack, attackers must unpeel layer after layer of defense instead of orchestrating a breach through a single exploit or loophole.

  • Centralize security management: It's nearly impossible to keep all systems, including cloud instances and on-premises infrastructure, up to date with the latest patches and regularly review security configurations to address emerging threats and vulnerabilities in a dynamic and disparate multicloud environment. Converged security models that consolidate networking and security behind a single management console can streamline security operations, improve visibility, and minimize complexities.

  • Scale security as needed: As the multicloud environment grows, all security technologies must be able to scale effectively to handle higher traffic volumes and cover more geographic locations. This requires adopting cloud-native security that has a global presence and can scale on demand without compromising network performance.

Strong Security in a Dynamic Cyber Environment

Securing a multicloud architecture is an ongoing process. Any security strategy should be flexible and adaptable to address emerging security threats, regulatory changes, and technology advancements. While these suggestions will help design a resilient multicloud security strategy, regular audits, revisions, and updates are imperative for maintaining a strong security posture in a dynamic cyber environment.

About the Author

Etay Maor

Senior Director of Security Strategy, Cato Networks

Etay Maor is the Sr. Director Security Strategy at Cato Networks and an industry-recognized cybersecurity researcher and keynote speaker.

Previously, Etay was the Chief Security Officer for IntSights, where he led strategic cybersecurity research and security services. Before that, Etay held numerous leadership and research positions as an Executive Security Advisor at IBM, where he created and led breach response training and security research, and as Head of RSA Security's Cyber Threats Research Labs, where he managed malware research and intelligence teams and was part of cutting-edge security research and operations.

Etay is an adjunct professor at Boston College and holds a BA in Computer Science and a MA in Counter Terrorism and Cyber Terrorism. Etay is a frequent featured speaker at major industry conferences and is part of RSA Conference and QuBits conference committees.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights