New CSA and AlgoSec Research Reveals Complex Challenges in Cloud Environments

New research highlights the need for holistic visibility and control over increasingly complex cloud environments, to ensure security and compliance

We recently worked with the Cloud Security Alliance (CSA) to develop a survey to add to the industry’s knowledge about hybrid-cloud and multi-cloud security. As more and more organizations migrate workloads to the cloud and deploy increasingly complex cloud-native, hybrid and multi-cloud environments, they face challenges in achieving visibility and managing security across those environments.

700 IT and security professionals from a variety of organization sizes participated in the survey. We found that many organizations use multiple cloud providers in order to reduce their costs, increase scalability, and avoid relying on a single provider for all network needs. Two thirds of respondents used multiple clouds, out of which 35% use three or more different cloud vendors, 55% operated hybrid environments using a minimum of at least one private and one public cloud service, and 36% have hybrid-cloud environments, combining on-premise networks with multiple cloud service providers.

So perhaps it’s not surprising that all this complexity is creating significant challenges. Key findings of the survey include:

•            Cloud creates configuration and visibility problems: When asked to rank on a scale of 1 to 4 those aspects of managing security in public clouds they found challenging, respondents cited proactively detecting misconfigurations and security risks as the biggest challenge (3.35), closely followed by a lack of visibility into the entire cloud estate (3.21). Audit preparation and compliance (3.16), holistic management of cloud and on-prem environments (3.1), and managing multiple clouds (3.09) rounded out the top five.

•            Human error and configuration mistakes the biggest causes of outages: Eleven percent (11.4%) of respondents reported a cloud security incident in the past year, and 42.5% had a network or application outage.  The two leading causes were operational / human errors in management of devices (20%), device configuration changes (15%) and device faults (12%).

•            Cloud compliance and legal concerns: Compliance and legal challenges were identified as major concerns when moving into the cloud (57% regulatory compliance; 44% legal concerns).

•            Security is the major concern in cloud projects: Eighty-one percent of cloud users said they encountered significant security concerns. Concerns over risks of data losses and leakage were also high with users when deploying in the cloud (cited by 62%), closely followed by regulatory compliance.

Configuration and visibility problems are a natural consequence of the complexity that cloud environments add. They mean multiple new security controls to configure and manage, all from different vendors’ management consoles, which adds to security teams’ workloads and increases the risk of mistakes and misconfigurations.  These simple human errors have long been identified as a leading cause of data breaches and cyberattacks, whether in cloud contexts or elsewhere – but growing cloud usage is multiplying the problems and the levels of risk. So, in this increasingly strict regulatory and compliance landscape, it is little wonder that organizations deploying applications and workloads in the cloud are concerned with how they can manage those responsibilities amidst greater complexity.

Holistic visibility and centralized security are key

So how can organizations get control over their multiple cloud accounts and manage them consistently, so they can take full advantage of the agility and scalability the cloud offers without compromising security?  Here are the key steps:

1.           Gain visibility across your networks

The first step is to get into all of your organization’s different cloud accounts, including the security controls that are being used both in the cloud and to manage traffic to and from the cloud environments.

2.           Manage changes from a single console

When using a mix of the cloud providers’ own security controls as well as other controls, both in the cloud and on-premise, it’s a huge challenge for organizations to manage policies consistently. If all these diverse security controls are managed these from a single console, using a single set of commands and syntax, security policies can be applied consistently – avoiding duplication of effort and the error-prone manual processes which lead to misconfigurations and outage. It also provides a full audit trail of every change.

3.           Automate security processes

Automation is essential to efficiently manage a cloud network with multiple public cloud accounts, while orchestrating change across a complex array of security controls. It dramatically accelerates change processes and enables better enforcement and auditing for regulatory compliance. It also helps organizations overcome skills gaps and staffing limitations. With an automation solution handling these steps, organizations can get holistic, single-console security management across all of their public cloud accounts, as well as their private cloud and on-premise deployments. This ensures smoother, faster, safer and more compliant cloud management. 

Robust network security management and automation across complex cloud environments are now truly mission-critical priorities for enterprises. Organizations migrating workloads to any type of cloud environment need to automate security across those environments in order to drive agility whilst ensuring continuous security. AlgoSec’s solutions make this possible across native, hybrid, and multi-cloud environments – ensuring enterprises can maintain a strong security and compliance posture at all times.

Read the full survey results HERE.