How Do You Leverage Multi-Cloud Capability Without Increasing Your Risk?
Amazon Web Services Inc., Microsoft Corp. and Google are getting bigger, but none is commanding the cloud market space. This leads to the inevitable conclusion that we will soon be living in a multi-cloud world.
So, how do you leverage these technologies whilst keeping control of your organisation’s tech security and lowering risks instead of increasing them?
Here we look at some key points to consider.
1. Have one tool that normalises all platform access rules.
A critical aspect of running on multiple clouds is that each platform has different provisioning, privilege and control languages. Having a single tool that already speaks VMware for your existing platform as well as Azure, AWS and Google Cloud Platform (GCP) means that one of the biggest headaches is removed and you gain the agility you are aiming to benefit from.
The privilege management tools from your IAD platform no longer map to the IaaS platforms, which have 10,000-14,000 individual knobs and buttons that can expose risk.
2. Alleviate the stress of an underskilled, overworked team
If a multi-cloud environment is truly going to work, you need tools that enable your existing administrative team to engage with all of the platforms without having to spend weeks learning the details of each one. The key problems of training, experience and the ability to react quickly must underpin the administrative capability of IT to enable businesses to move forward. Often, the rate of change is underestimated, leaving IT struggling and so open to risk.
3. Audit or Compliance?
Compliance is no longer a one-time test like an annual audit. Our tools should be monitoring continuously, given the agility of the cloud platforms and the demands from the business to react quickly.
You need to be able to demonstrate clearly that the best-practice security profiles of vendors such as AWS have been implemented. On a single cloud platform or VMware deployment this workload would normally be a considerable commitment, but across VMware and three public cloud platforms it would be likely to fail a compliance review. The tools to provide and automate this compliance need to be factored into any migration from the outset. We also need tools that give us a continuous audit capability that works in real time as zero-day attacks become the norm.
4. Kubernetes & Orchestration.
We all know Cloud is beneficial because of the speed. However, we need tools that offer the same flexibility and response to maintain our vigil over risk. With container and orchestration solutions now becoming highly leveraged, the speed with which complete solutions can be built, deployed and folded after use means that inadvertent access by third parties becomes a serious risk.
Worse, if some are not closed correctly, pools of data can be left exposed, leading to high risk. The complexity of platforms made up of many smaller units can result in people having access to pools of data that are not correctly sealed off, because of access granted as part of other projects. The identity and privilege process has become a lot more complex, and RBAC has not remained effective.
Founded in 2015, CloudKnox is a cutting-edge start-up cloud security platform that proactively addresses insider threats by delivering continuous detection and remediation of over-privileged machine and human users, leveraging our patented Activity-based Authorisation protocol. It has now raised $12 million in a round of funding led by Sorenson Ventures, with participation from Dell Technologies Capital, ClearSky Security, and Foundation Capital.
This investment continues to enable security teams to proactively measure and mitigate the greatest risk from operating in the cloud.
Blog Contributed by CloudKnox UK MD, Alistair Mutch.
Alistair has successfully started several US technology companies in the UK & EU before joining CloudKnox to begin the UK business. With previous experience at MobileIron, Juniper, Sun Microsystems and Apple, he has enjoyed watching several waves of new technology find their effective roles with customers.