Multiple Cloud Providers, One Security Posture

Nov 07 2016

Multiple Cloud Providers, One Security Posture

As organizations continue to implement cloud-first strategies, the provider of choice has been Amazon Web Services (AWS). According to a recent InformationWeek article summarizing Gartner’s Magic Quadrant for Infrastructure-as-a-Service 2016, AWS is far ahead in Gartner’s Leaders quadrant. And a recent report also shows AWS leading the field in terms of market share with 31%. But both reports also show Microsoft Azure quickly gaining ground and other players coming on fast with strong offerings, including Google, IBM SoftLayer and CenturyLink. Larry Ellison has also now set his sights on being #1 in the cloud.

What does this mean for enterprise infrastructure?
Competition is good—it keeps all the cloud players sharp and forces them to provide increasingly robust options that address barriers to enterprise adoption, with security concerns still at or near the top of that list. And it also gives enterprise buyers choice when deciding which cloud provider, or providers, best fits their needs. But with choice comes complexity.

The companies who “grew up” with AWS from a cloud-strategy perspective have essentially built their cloud security policies around what AWS offers. But as these companies decide to either migrate away from AWS, or spin up other clouds to address the needs of different departments, the issue of security now comes back to the forefront. Having multiple cloud providers adds complexity because now, for each provider, IT has to implement multiple versions of the security controls across the different clouds. This can become a manual, one-off, hodge-podge process that also introduces the possibility of human error, and requires separate monitoring of each environment.

A Centralized Cloud Security Posture
A more effective and efficient alternative to this manual process would be to create a security posture that is centralized to the organization and is platform- and provider-agnostic. Instead of pushing multiple version of the same security requirements out across individual clouds, this posture is “transferrable” from one platform to another or interoperable across multiple platforms. And instead of monitoring each environment separately, monitor your posture through a single dashboard.

Moving to the cloud, or expanding enterprise footprint, is an undertaking already full of complexity. Why make it moreso by creating extra work that doesn’t necessarily address the issue. Consider a centralized security platform that can continuously monitor your cloud environment, no matter the provider.

  • Share: