The current debate on the table is the adoption of a multi- or dispersed-cloud approach and what this means to security. According to Trend Micro there are some security factors that need to be considered when marrying multiple cloud environments to your own physical environment, especially when it comes to management and oversight.
The cornerstone of a multi-cloud strategy is that business and their users benefit from factors that extend better performance and speed, cutting costs and allowing for better resource management, which, according to Indi Siriniwasa, Vice President for Trend Micro, Sub-Saharan Africa, looks good on paper, but in reality unravels when it comes to security and management – especially when the right tools aren’t in place to bring all of this together.
“The biggest challenge business faces when adopting a multi-cloud strategy is the art of keeping various cloud environments secure, it is an exceptionally involved process as each cloud comes with a different set of security protocols, tools and even policies,” said Siriniwasa.
“Now if you factor in multi-tenancy in a cloud the process becomes even more complex for you the user.
“The answer to how one manages all of this is not that different to how you have always approached security. Ensure your policies are in place, then map your cloud framework and architecture, define user access across and within these environments, but then also make security intrinsic to everything you do. The days of bolting on security after the fact are long passed – in today’s world we need to build infrastructure with security, not place security on the infrastructure.”
As the threat landscape evolves, so must the security measures that keep an organisation’s data safe. Legacy security solutions may not provide the right level of security for a complex cloud environment. With intrinsic security you are creating a security fabric and policy that follows your data and systems no matter where they reside.
Trend Micro say that, ultimately you have to secure your data and applications before entering the cloud.
“It is still important to keep an eye on unusual user log-ins as well as large amounts of data being imported or exported,” said Siriniwasa.
“But it is easier to do this if you deploy security at the hypervisor level in the cloud – which is what Trend Micro does for clients with its Deep Security solution.
“This forms part of what we call a multi-layered approach to security, namely security that goes beyond just the endpoint, right into the heart of the hypervisor and then automates the security health of all of your infrastructure namely clouds, physical infrastructure and virtual environments – and allows an organisation to continue running smoothly without down time.
“Ultimately if building a secure environment could be equated to baking a cake, then security needs to be the eggs you put in the recipe. The eggs (security) need to be baked directly into your cloud environment with auto-generated deployment scripts for your configuration management tools. Once this is in place you will not only be able to better secure all aspects of your business, but you will be able to layer your security policies across multiple environments and differing clouds, that you can now monitor and manage from a centralised environment – without having a dashboard, team or security system per cloud.”