We’ve just released the results of our ‘Hybrid Cloud Environments: The State of Security’ survey, which shows that hybrid cloud is the reality in most enterprise IT environments, and a significant percentage plan to increase their public cloud usage by the end of 2018. However, our survey also reveals that a majority of enterprises have significant concerns and challenges with their visibility and security management processes. Key findings include:
This is not surprising. As the survey shows, enterprise security teams are using a variety of different management tools for their cloud and on-premises environments.
This mix of tools and manual processes means that migrating and managing applications across a hybrid environment is a complex, tedious process that is fraught with risk: just a single mistake can potentially cause outages, security gaps and compliance violations.
So, how can enterprises address these challenges, and make both cloud migrations and ongoing security policy management processes across hybrid clouds seamless and consistent? Here are our five key recommendations.
Get clear visibility of all your networks
A lack of visibility across their environment was the biggest security challenge cited by our survey respondents. So the first critical step is to use a security management solution that provides holistic visibility of security across both on-premise and cloud security controls, via a single pane of glass.
Choose the right security management solution
With many organizations using a mix of security controls – from their cloud providers’ own security controls, to host-based and on-premise firewalls – managing policies consistently across their security estate is a huge challenge. What’s needed is a solution that can manage all of these diverse security controls from a single console, using a single set of commands and syntax. This enables security policies to be applied consistently, without having to duplicate efforts on multiple management tools or resort to error-prone, inefficient manual processes.
Automate security processes
Managing security policies consistently across the entire hybrid environment was the second-biggest security challenge cited by survey respondents. Alongside visibility, security automation is fundamental to managing a hybrid network environment efficiently, and to orchestrating change processes across a complex mix of security controls.
The 26% of survey respondents who used automation benefitted from speed and accuracy when managing security changes across the entire environment, accelerated cloud migrations and the ability to enforce and audit compliance with industry regulations. The use of automation also helped these organizations overcome staffing limitations.
Map your apps before you migrate
As the survey showed, organizations are struggling to migrate their applications to the cloud. It’s a complex, tedious and error-prone process that is often severely hampered by a lack of visibility into and understanding of the application’s connectivity requirements. To streamline the process, enterprises need to map all their existing applications, connectivity flows and dependencies, before the migration can start. With this ‘atlas’ of application maps, connectivity flows in the cloud can be easily defined and all the underlying security policies can be correctly adjusted to support the infrastructure and security devices used in the cloud.
Tie cyberattacks to business processes for faster mitigation
Cyberattacks were one of the greatest concerns cited for organizations running business applications in the cloud. Security policy management solutions that integrate with SIEM solutions can help address this challenge.
Exploit kits and malware can be active for months on enterprise networks, stealthily moving laterally from the cloud to on-premise, in order to reach and then exfiltrate high-value data. According to a recent report by Trustwave, the median number of days from intrusion to detection of malware is now 49 days.
So as soon as malware is flagged by the SIEM solution, the security policy management solution can then identify all of the business applications and servers impacted (or potentially impacted) – whether in the cloud or on-premise – and map the lateral movement of the infection. Once identified, the security management solution can mitigate the risk of a cyber-attack by automatically isolating any affected (or potentially affected) servers or devices from the network.
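The correlation step described above can be shown with an added Python example, which is not taken from the survey or from any product. It walks a constructed application connectivity map (the 'atlas' from the mapping recommendation) outward from a host flagged by the SIEM; all host names, application names and flows are invented for illustration.

```python
from collections import deque

# Constructed application map: allowed flows (source, destination, port)
# per business application, spanning cloud and on-premise hosts.
APP_FLOWS = {
    "payroll": [("web-cloud-1", "app-onprem-1", 8443),
                ("app-onprem-1", "db-onprem-1", 1433)],
    "crm": [("web-cloud-2", "app-cloud-2", 443),
            ("app-cloud-2", "db-onprem-1", 1433)],
    "intranet": [("wiki-onprem-1", "db-onprem-2", 5432)],
}

def build_graph(app_flows):
    """Directed graph of which host is allowed to connect to which."""
    graph = {}
    for flows in app_flows.values():
        for src, dst, _port in flows:
            graph.setdefault(src, set()).add(dst)
            graph.setdefault(dst, set())
    return graph

def blast_radius(app_flows, flagged_host):
    """Breadth-first walk over allowed flows: {host: hops from flagged host}."""
    graph = build_graph(app_flows)
    hops = {flagged_host: 0}
    queue = deque([flagged_host])
    while queue:
        host = queue.popleft()
        for nxt in sorted(graph.get(host, ())):
            if nxt not in hops:
                hops[nxt] = hops[host] + 1
                queue.append(nxt)
    return hops

def impacted_apps(app_flows, hosts):
    """Applications with at least one flow touching any host in the set."""
    return sorted(app for app, flows in app_flows.items()
                  if any(s in hosts or d in hosts for s, d, _ in flows))

def triage(app_flows, flagged_host):
    """Summarise what to isolate and what to review for one SIEM alert."""
    hops = blast_radius(app_flows, flagged_host)
    return {
        "mapped": flagged_host in build_graph(app_flows),
        "isolate": [flagged_host],
        "potentially_affected": sorted(h for h, n in hops.items() if n > 0),
        "applications": impacted_apps(app_flows, set(hops)),
    }
```

For an alert on `web-cloud-1`, the CRM application is reported alongside payroll because both depend on the same on-premise database; an alert on a host missing from the map returns `mapped: False`, which signals that the application map is incomplete.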