Ensuring security across a multi-cloud environment

1 November 2019 Infrastructure

While the public cloud solves many traditional IT resourcing challenges, it does introduce new challenges. The rapid growth of cloud usage has resulted in a fractured distribution of data, with workloads spread across disparate instances and, for some organisations, platforms. As a result, keeping track of the data, workloads, and architecture changes in those environments to keep everything secure is often a logistical nightmare.

While public cloud providers are responsible for the security of the cloud (the physical data centres, and the separation of customer environments and data), once businesses put data and workloads in the public cloud they become personally responsible for securing them.

“The secret to effective public cloud security is improving your overall security posture. You need to ensure your architecture is secure and configured correctly, and that you have visibility into both your architecture and who is accessing it. In addition, irrespective of where your infrastructure and data is held, you need to demonstrate compliance with relevant regulations, including CIS, HIPPA, GDPR, and PCI or you will risk regulatory non-compliance,” says Andre Kannemeyer, CTO at Duxbury Networking.

The challenge in the cloud is that environments change constantly. Kannemeyer points out that whereas compliance checks every week or month may have worked for on-premise networks, they are not adequate for the public cloud. The need for continuous compliance analysis can be a huge resource drain for teams that are managing cloud environments manually or with native tools. In addition, once a compliance issue is identified, the fractured nature of security, development, operations and compliance teams within most organisations means it is often challenging to address the situation in a timely manner.

“There are many elements to public cloud security and it can be difficult to know where to start. If you’re using the public cloud – or thinking about migrating – we recommend seven steps to help maximise your security,” he says.

Step 1: Learn your responsibilities

Security is handled a little differently in the cloud. Public cloud providers such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform run a shared responsibility model – meaning they ensure the security of the cloud, while you are responsible for anything you place there.

Step 2: Plan for multi-cloud

Multi-cloud is no longer a nice-to-have strategy. Rather, it has become a must-have strategy. There are many reasons why you may want to use multiple clouds, such as availability, improved agility, or functionality. When planning your security strategy, start with the assumption that you will run multi-cloud – if not now, at some point in the future. In this way you can future-proof your approach.

Step 3: See everything

If you cannot see it, you cannot secure it. That is why one of the biggest requirements to getting your security posture right is getting accurate visibility of all your cloud-based infrastructure, configuration settings, API calls and user access.

Step 4: Integrate compliance into daily processes

The dynamic nature of the public cloud means that continuous monitoring is the only way to ensure compliance with many regulations. The best way to achieve this is to integrate compliance into daily activities, with real-time snapshots of your network topology and real-time alerts to any changes.

Cyber criminals increasingly take advantage of automation in their attacks. Stay ahead of the hackers by automating your defences, including remediation of vulnerabilities and anomaly reporting.

Step 6: Secure all your environments

You need a solution that can secure all your environments (production, development, and QA) both reactively and proactively.

Step 7: Apply your on-premise security learnings

On-premise security is the result of decades of experience and research. Use firewalls and server protection to secure your cloud assets against infection and data loss, and keep your endpoint and email security up to date on your devices to prevent unauthorised access to cloud accounts.

Combine the power of AI and automation

“Moving from traditional to cloud-based workloads offers huge opportunities for organisations of all sizes. Yet securing the public cloud is imperative if you are to protect your infrastructure and organisation from cyberattacks,” says Kannemeyer.

Sophos Cloud Optix agentless, SaaS-based service combines deep security expertise with the power of artificial intelligence. It delivers cloud security monitoring, analytics, and compliance automation with one simple-to-use interface in a process-efficient way.

It allows automatic discovery of an organisation’s assets across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform environments, giving companies the power to respond to and remediate security risks in minutes.

As workloads move to the cloud, Cloud Optix reduces the cost and complexity of governance, risk, and compliance. Out-of-the-box templates, custom policies, and collaboration tools help businesses to continuously monitor compliance with custom or out-of-the box templates for standards such as CIS, GDPR, SOC2, HIPAA, ISO 27001, and PCI DSS.

Cloud Optix continuously monitors and learns about one’s cloud asset inventory, configurations, and network traffic. AI-powered smart alerts reduce response times and help remediate security risks faster with automated alert ranking combined with contextual information.


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Hytera supports communication upgrade for Joburg
News & Events Infrastructure Government and Parastatal (Industry)
By equipping Johannesburg’s metro police and emergency services with multimode radios which integrate TETRA and LTE networks, Hytera is bridging coverage gaps and improving response times across the city.

Read more...
Combining TETRA or DMR with 5G broadband
Infrastructure IoT & Automation
As enterprises face rising complexity and connectivity demands, hybrid networks offer a transformative path, combining the proven reliability of TETRA or DMR with the innovation and coverage of 5G broadband.

Read more...
Questing for the quantum AI advantage
Infrastructure AI & Data Analytics
The clock is ticking down to the realisation of quantum AI and the sought-after ‘quantum advantage’. In many boardrooms, however, quantum remains mysterious; full of promise, but not fully understood.

Read more...
The growing role of hybrid backup
Infrastructure Information Security
As Africa’s digital economy rapidly grows, businesses across the continent are facing the challenge of securing data in an environment characterised by evolving cyberthreats, unreliable connectivity and diverse regulatory frameworks.

Read more...
IoT-driven smart data to stay ahead
IoT & Automation Infrastructure AI & Data Analytics
In a world where uncertainty is constant, the real competitive edge lies in foresight. Businesses that turn real-time data into proactive strategies will not just survive, they will lead.

Read more...
Hydrogen is green but dangerous
Fire & Safety Infrastructure Power Management
Hydrogen infrastructure is developing quickly, but it comes with safety challenges. Hydrogen is flammable, and its small molecular size means it can leak easily. Additionally, fires caused by hydrogen are nearly invisible, making them difficult to detect and respond to.

Read more...
A whole-site solution to crack the data centre market
Fire & Safety Infrastructure Facilities & Building Management
Fire safety consultants and contractors who can offer a comprehensive fire safety solution to the data centre market can establish themselves as a supplier of a key safety features that help guarantee the smooth operation of critical infrastructure.

Read more...
Wireless network security market
Infrastructure
The wireless network security market is experiencing significant growth, driven by the increasing adoption of wireless technologies, a surge in cyberthreats, and rising demand for secure data transmission.

Read more...
Acronis and Metrofile Cloud announce partnership
Infrastructure Integrated Solutions
Acronis has appointed Metrofile Cloud as its premier disaster recovery (DR) partner in southern Africa, combining Acronis' technologies with Metrofile Cloud's local expertise to deliver secure and adaptable disaster recovery solutions for businesses across the region.

Read more...
Managing stock efficiently and cost-effectively
Asset Management Infrastructure Logistics (Industry)
Rina Redelinghuys, customer services executive at Cquential, a member of the Argility Technology Group, examines stock management across various industries, including retail, fast-moving consumer goods, food and dairy, automotive, apparel, industrial, accessories, paint and chemicals, and pharmaceuticals.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.