The cloud has allowed businesses to be more agile, responsive and available than ever before.
As a result, over the past decade organisations of every size have rapidly adopted cloud computing. And that trend only seems to be accelerating. In fact, Gartner predicts that by 2020 more than $1 trillion in IT spending will be directly or indirectly affected by the shift to cloud, making this technology one of the most disruptive forces of IT spending since the early days of the digital age.
However, while the cloud offers compelling new services it also imposes unique security challenges around the protection of sensitive data.
Many organisations are still utilising traditional security solutions which were not designed to protect the agile and highly distributed cloud environments being adopted today. Data no longer sits in isolated data centres, and users, devices, and applications can access virtually any information from any device or location. Traditional security models and technologies simply can’t keep up – and as we see on an almost daily basis, cybercriminals are ready to exploit these security gaps and weaknesses.
The time has come for organisations to not only re-engineer their networks, but also revisit their security model and solutions.
Security challenges in a hybrid environment
As organisations’ IT infrastructure stretches and evolves, their attack surface expands as well. If their security can’t keep up with today’s agile public, private, and hybrid cloud environments, gaps in protection will occur, exposing sensitive corporate data to the risk of advanced malware and threats.
In order to protect critical workloads, organisations are revising their security budgets and are focusing on the adoption of specialised security tools, such as data centre protection, web application firewalls, security for mobile devices, thin clients, secure email gateways, advanced threat protection, and sandboxes.
Some have begun to move their traditional enterprise edge security tools into the cloud, and are adopting the use of on-demand public cloud security, virtualised security tools designed for private clouds, and cloud-based tools like cloud access security brokers (CASB) designed to protect hosted SaaS applications and corporate data.
In many cases, the result of implementing dozens of isolated security tools and platforms, regardless of how relevant they are to new cloud-based networks, is that today’s hybrid cloud environments are recreating the same data centre security sprawl that organisations have spent years trying to streamline and consolidate.
In this scenario, IT teams – already overloaded with balancing a lack of additional resources with the growing security skills gap, as well as managing network transformations – now need to learn how to deploy, configure, monitor, and manage dozens of additional cloud security tools, with no good way to establish consistent policy enforcement or correlate the threat intelligence each of these devices produces.
Meeting changing needs
Instead, the response to increasingly complicated networked environments needs to be simplicity. The key is to take an approach where the data and security elements from various cloud environments are well integrated, cohesive and coherent, like a seamlessly woven fabric. As a result, organisations can see, control, integrate and manage the security of their data across the hybrid cloud, and can take better advantage of the economics and elasticity provided by a highly distributed cloud environment.
This type of approach also allows security to dynamically expand and adapt as more and more workloads and data move into the cloud, and seamlessly follow and protect data, users, and applications as they move back and forth from IoT and smart devices, across borderless networks, and into cloud-based environments.
To bring this approach to life, organisations must address three fundamental requirements:
- Integration: Security, network and cloud-based tools need to work together as a single system to enhance visibility, and correlate and share threat intelligence
- Synchronisation: Security solutions need to work as a unified system for simplified single-pane-of-glass management and analysis, and to enable a coordinated response to threats through methods such as isolating affected devices, dynamically partitioning network segments, updating rules, and removing malware
- Automation: For security solutions to adapt to changing network configurations and respond to detected threats in real time, security measures and countermeasures need to be applied automatically, regardless of where a threat originates, from remote devices to the cloud
To securely meet today’s digital business requirements, organisations must embrace the benefits of an evolving infrastructure while anticipating the attack vectors of current and emerging threats. To do so, they must cut through the cloud security hype and implement the use of security solutions designed to be part of an interconnected, end-to-security framework, which is agile and scalable and can meet changing needs. Only then will they be able to meet current and future cloud challenges, and evolve towards a fully digital business model.