Keeping the multi-cloud world safe: Ensuring control and visibility

The world is going multi-cloud. Organisations seek the efficiency, speed, scalability and reduced costs that cloud promises and are rapidly moving applications and data into more hybrid environments – including to more than one cloud.

According to Cisco’s most recent Global Cloud Index, data centre application growth is exploding in this new multi-cloud world. By 2021, hyperscale data centres are expected to support 53% of all data centre servers, 69% of data centre processing power and 65% of data stored in data centres.

But while the benefits keep on growing, securing these multi-cloud environments is complex. If hit by an attack and not protected properly, the financial and reputation damage on an organisation could be catastrophic. More than half of attacks last year resulted in financial damages of more than $500,000. There are three key reasons these environments are vulnerable:

There is a risk of losing visibility and control

While it’s easier to deploy new IT services in a multi-cloud world, unless the management of security changes, businesses risk losing visibility of the behaviour of users and the disposition of data, as well as control of the network.

Today, the cloud services businesses consume can be delivered on several different platforms. However, organisations must still protect privacy and data, and detect and respond to threats across all of the clouds. Businesses need the same visibility and discovery for cloud applications and workloads that they can get on the network behind firewalls. To accomplish this, it’s critical to adapt security processes, technologies, and knowledge.

There are risks introduced by shadow IT

Businesses face another challenge: the security risks introduced by shadow IT. Business units are constantly looking for greater speed and agility. To achieve it, they may bypass their IT departments and buy application and infrastructure services directly from CSPs.

When this happens, the business unit personnel may not know how to evaluate whether a provider has adequate security capabilities, or, if the provider does, how to configure and manage these. This accentuates the tension between IT and business units and exposes the business to unnecessary risks.

Cybercriminals are advancing

Not only are there multiple infrastructures to consider, but the threat landscape has evolved massively in the last year alone. According to Cisco’s recent Annual Cybersecurity Report, the evolution of malware was one of the most significant developments in the attack landscape, with attackers constantly evolving tactics to keep malware fresh and effective.

In addition, companies are now implementing a complex mix of products from various vendors to protect against breaches. This complexity and growth in breaches have many downstream effects on an organisation's ability to defend against attacks.

How to address these challenges

Traditional perimeter protection is simply no longer sufficient to combat the advanced attacks threatening all environments. To keep safe in today’s multi-cloud work, businesses need a complementary, coordinated approach to security that spans the network, endpoints and the cloud that accesses risks across multiple cloud environments.

As well as this, businesses should look at tools designed to provide visibility, analytics, control and responsiveness in a multi-cloud environment. It’s also beneficial to get an understanding of what the cloud service providers offer in terms of protection, so organisations can protect, react and respond, no matter where data, applications and workloads reside.

In order to obtain the level of control in a multi-cloud environment, it is essential to have the cloud controls and technologies in place to allow businesses to get the protection and visibility they need. Businesses can no longer afford to be complacent when it comes to a multi-cloud security strategy. It’s time to keep the multi-cloud world safe.

Editor’s note: Find out more about Cisco Talos, Cisco’s comprehensive threat intelligence service, here.