Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.
How and Why to Put Multicloud to Work
Complex multicloud environments present organizations with security challenges, but also opportunities for efficiency.
Many enterprises find themselves with hybrid and multicloud environments. While the days where everything was either on-premises or in private clouds are gone, it is far from the case that enterprises have put all — or even the vast majority of — their applications and infrastructure into the cloud. Further, it is nearly never the case that an enterprise has consolidated everything into a single cloud provider; instead, businesses operate with a complex mix of diverse environments. It appears that this will be the case for quite some time.
What may be less known, or at least less considered, is the amount of complexity and the number of challenges that these environments bring. What this means for most enterprises is that they find themselves struggling to efficiently manage and secure hybrid and multicloud environments. In addition, many enterprises find themselves spinning up and maintaining multiple technology stacks within each environment, often requiring entire teams dedicated to this function. As the popular security mantra so aptly says, complexity is the enemy of security.
How so? For starters, complexity introduces the opportunity for human error and oversight. This often brings with it security holes, which in turn increase the attack surface of business-critical applications and the infrastructure they run on.
To get an idea of how complex of an environment most enterprises are faced with, let's look at a few data points from F5's "2023 State of Application Strategy" report:
85% of organizations operate multiple application architectures and locations.
90% of organizations that maintain multicloud infrastructures report challenges.
42% of organizations leverage four or more cloud providers.
37% of applications are deployed on-premises.
15% of applications are deployed in the cloud.
58% of organizations are using digital services to substantially drive the business, with those services accounting for half or more of the firm's annual revenue.
The data clearly articulates the complexity that most enterprises face, and it also shows that hybrid and multicloud environments — and the challenges they bring — are here to stay.
Business Challenges of Multicloud Environments
What are some of these challenges that businesses face? While not an exhaustive list, here are a few of them:
Managing and securing multiple complex environments.
Applying policy and security consistently across diverse environments.
Easily provisioning the required networking and security infrastructure.
Deploying applications easily where required across the ecosystem.
Ensuring the requisite connectivity and security across applications.
Needing a central console to manage multiple complex environments.
Gaining visibility into infrastructure and applications to ensure health, compliance, and security.
Properly monitoring for and responding to infrastructure and security issues.
Thankfully, enterprises have options when it comes to addressing these points and can leverage distributed cloud and multicloud solutions to help reduce complexity and simplify. Doing so allows enterprises to more efficiently and effectively manage and secure their hybrid and multicloud environments.
What to Look for in Distributed Cloud
When looking at distributed cloud solutions, enterprises should take into account a few important points:
Workload protection and application security (at layer 7) is a must, particularly for applications that span multiple environments.
While many solutions provide network security (layers 3 and 4), fewer seamlessly integrate workload protection and application security on top of network security.
The user layer (layer 8) is extremely important when looking to protect against automated attacks and fraud. This is mainly because differentiating between human and automated traffic and between legitimate and fraudulent traffic requires an understanding of intent that can only be gleaned from the user layer.
A central console that brings everything together and facilitates the management and security of both applications and infrastructure is imperative.
Inclusion in the architecture and design of the enterprise early on, with an ability to flexibly consume different features and grow around, is central.
An ability to efficiently address what the market demands — flexibility and fast pace — without introducing complexity and security holes is important.
Although it requires some investment and effort, taking control of the challenges that hybrid and multicloud environments present is essential for enterprises to remain competitive, keep costs under control, reduce complexity, and adequately manage and secure both applications and infrastructure. The sooner an enterprise begins tackling these challenges, the sooner it can efficiently and securely provide its customers the functionality they seek.
About the Author
You May Also Like
Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024