8 Best Practices for Multi-Cloud Security
By: Michael Petit
Organizations are increasingly choosing the multi-cloud route. With the many advantages multi-cloud offers and the rapid pace of development in the field, it’s not hard to see why. By implementing the following best practices, organizations can significantly improve the security of their multi-cloud deployments.
Synchronize policies and settings: If you’re using multi-cloud for availability, with identical operations on two clouds, the same security settings should be maintained across both. This can be achieved by synchronizing policies and settings across providers.
Use different security policies for different services: If your organization is using different workloads/applications, individual security policies should be created for each service. For example, if youre planning on setting up a new BI service, the advantages of building it on each platform should be considered first. The security policies should then be based on the chosen platform.
Automate, automate, automate: Using a system that automates various tasks reduces the human risk factor and allows you to stay agile. But be sure to address automation from not only a DevOps perspective, but a DevSecOps perspective, to ensure that security is a core consideration and driver throughout the entire process.
Choose the right tools: Find tools and products that allow you to synchronize your security policies across different providers. Your security policies should be written in general terms, with the tools interpreting them based on how your various providers work.
Monitoring: Establish a security monitoring strategy that consolidates logs, alerts and events from different platforms into one location. Tools that automatically remediate issues, or provide guidance on remediation strategies are even better.
Compliance: Find tools to help you maintain compliance in a consistent and efficient way across different platforms.
Single point of control: Simplify your sprawl by using a single-pane-of-glass tool that gives admin a single point of control to manage all application and data security across all their cloud deployments.
Minimize point security solutions: Minimize the number of point security solutions, which don’t integrate well together. Each additional point solution requires expert staff as well as new integrations and deployment. This adds to the complexity and increases the likelihood of error.
Similarly, the cloud vendors all provide security services. While these may be beneficial within the vendors single cloud deployment, they are insufficient when it comes to securing a multi-cloud deployment. You cannot rely on each cloud provider to only protect its own service (for example, AWS to protect your AWS services, Azure to protect Azure, and so on) and assume youre getting holistic security coverage. You need a single tool that’s capable of providing unified and consistent coverage across all of your deployments.
Putting Cloud Security First
Whether or not multi-cloud is the ideal set up, the jury is still out. Every organization must take into account its goals, needs, and limitations, especially when it comes to security, before starting out on a course towards multi-cloud.
The key to a successful multi-cloud security strategy is finding a dedicated multi-cloud security solution that will provide flawless coverage between clouds. And the right tool should be able to be customized to your company’s individual needs, without forcing you into their framework. Choosing a solution that puts your needs first allows you to take advantage of all the benefits multi-cloud has to offer, while maintaining a secure and compliant environment.
(The author is Head of Cloud Security, Asia Pacific and Japan, Check Point Software Technologies)