By: Michael Petit, Head of Cloud Security, Asia Pacific and Japan, Check Point Software Technologies
Despite the pitfalls of multi-cloud security, organisations are increasingly choosing the multi-cloud route. With the many advantages multi-cloud offers and the rapid pace of development in the field, it’s not hard to see why. By implementing the following best practices, organisations can significantly improve the security of their multi-cloud deployments.
- Synchronise policies & settings: If youre using multi-cloud for availability, with identical operations on two clouds, the same security settings should be maintained across both. This can be achieved by synchronising policies and settings across providers.
- Use different security policies for different services: If your organisation is using different workloads/applications, individual security policies should be created for each service. For example, if youre planning on setting up a new BI service, the advantages of building it on each platform should be considered first. The security policies should then be based on the chosen platform.
- Automate, automate, automate: Using a system that automates various tasks reduces the human risk factor and allows you to stay agile. But be sure to address automation from not only a DevOps perspective, but a DevSecOps perspective, to ensure that security is a core consideration and driver throughout the entire process.
- Choose the right tools: Find tools and products that allow you to synchronise your security policies across different providers. Your security policies should be written in general terms, with the tools interpreting them based on how your various providers work.
- Monitoring: Establish a security monitoring strategy that consolidates logs, alerts and events from different platforms into one location. Tools that automatically remediate issues, or provides guidance on remediation strategies are even better.
- Compliance: Find tools to help you maintain compliance in a consistent and efficient way across different platforms.
- Single point of control: Simplify your sprawl by using a single-pane-of-glass tool that gives admins a single point of control to manage all application and data security across all their cloud deployments.
- Minimise point security solutions: Minimise the number of point security solutions, which dont integrate well together. Each additional point solution requires expert staff as well as new integrations and deployment. This adds to the complexity and increases the likelihood of error.
Similarly, cloud vendors all provide security services. While these may be beneficial within the vendors single cloud deployment, they are insufficient when it comes to securing a multi-cloud deployment. You cannot rely on each cloud provider to only protect its own service (for example, AWS to protect your AWS services, Azure to protect Azure, and so on) and assume youre getting holistic security coverage. You need a single tool thats capable of providing unified and consistent coverage across all of your deployments.
Putting Cloud Security First
Whether or not multi-cloud is the ideal set up, the jury is still out. Every organisation must take into account its goals, needs, and limitations especially when it comes to security before starting out on a course towards multi-cloud.
The key to a successful multi-cloud security strategy is finding a dedicated multi-cloud security solution that will provide flawless coverage between clouds. And the right tool should be able to be customised to your companys individual needs, without forcing you into their framework. Choosing a solution that puts your needs first allows you to take advantage of all the benefits multi-cloud has to offer, while maintaining a secure and compliant environment.
Click here to download the 2019 Cloud Security Report.
To read about how to design and implement agile cloud security architectures, read this white paper.