For a majority of organizations, the hybrid cloud isn’t the future of their network: it’s the here and now. But the promise of greater agility, efficiency and cost savings comes at a price: migrating to hybrid cloud environments is creating major security headaches for enterprises. That’s according to our new ‘Hybrid Cloud Environments: The State of Security’ survey released last week.
Moreover, while nearly 50% of respondents said their organizations run up to 20% of their workloads in public clouds, and another 25% used the public cloud for up to 40% of their workloads, enterprises still harbor significant concerns, which are holding them back from wider adoption.
Cloud migration challenges
The survey showed that cloud security problems start when enterprises begin the process of migrating applications to public clouds.
This isn’t surprising. Migrating applications is a complex, tedious and error-prone process. It requires detailed preparation if it is to proceed smoothly without compromising security or compliance.
In the first place, you need to start with a map of the connectivity flows for your enterprise applications before you can start the migration process. But there’s usually little or no documentation on existing application connectivity, and it can take weeks to gather the information, understand the connectivity needs, and then painstakingly map and then migrate and update every rule and access control list for every security device to the new environment. Just one mistake can cause outages or create security holes and compliance violations.
Cloud obscures visibility, hampers security
And once applications have been migrated to the cloud, new security challenges emerge.
Nearly two-thirds of respondents said the greatest obstacle they faced in managing their hybrid environments was a lack of visibility into security, closely followed by managing security policies consistently.
It’s interesting to note that these same challenges were highlighted in our 2014 ‘Examining Security Policy Management in Hybrid Cloud Environments’, survey. Then, as in now, it seems that enterprise usage of public clouds is surpassing their abilities to manage and secure those environments effectively.
Security management: automation matters
One of the key reasons why enterprises are still experiencing these challenges is because organizations are using a variety of disparate controls to secure their environments. 58% of survey respondents use the cloud provider’s native security controls, while 44% said they also use third-party firewalls deployed in their cloud environment. Security management processes are very fragmented. Just over a quarter of our respondents said that they use automation to manage security across their hybrid cloud environments, while 20% still use manual processes.
Interestingly, companies gave somewhat similar reasons for why they do, or do not use automation solutions.
Deploying any new IT solution involves time to configure and rollout, however once deployed, respondents found that automation solutions significantly helped improve the accuracy and speed of application migrations and security changes, maintain compliance as well as overcome staffing limitations.
It’s also interesting that 26% of respondents said they use cloud-native tools to manage security, when most organizations are using multiple public cloud providers. This means that they need to work with the different security controls separately – adding significant complexity and overhead to their security management processes.
The bottom line is that hybrid cloud is a reality for most enterprises, and a significant percentage plan to increase their public cloud usage by the end of 2018. But they face significant security challenges both when migrating to, and managing their hybrid cloud environments – caused by a lack of visibility and the complexity of managing the range of security tools and policies consistently. This underscores the need for enterprises to utilize solutions that can intelligently automate security policy management processes holistically across both on-premise and cloud environments – from application discovery, through migration, change management and decommissioning.
Receive notifications of new posts by email.