3 top multi-cloud security challenges, and how to build a strategy

A number of security best practices have emerged alongside the growth of the multi-cloud environment, security experts say, and there are several critical steps that all organizations should take as they develop their own security strategies.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

A data breach or intruder alert will send security teams into high gear as they scramble to stem the damage and determine the cause.

That task was challenging enough even when IT ran all its operations on its own infrastructure, but it has become increasingly complex as organizations have moved more of their workloads first to the cloud and then across multiple cloud providers.

The 2018 State of the Cloud Report from RightScale, a cloud services provider, found that 77 percent of the responding 997 tech professionals say cloud security is a challenge, with 29 percent saying it’s a significant challenge.

Security experts say they’re not surprised, particularly considering that 81 percent of respondents to RightScale's survey are employing a multi-cloud strategy.

“Multi-cloud environments add to the complexity in terms of how you implement and govern security controls,” says Ron Lefferts, managing director and global leader of the Technology Consulting Practice at management consulting company Protiviti.

He and other security leaders say organizations are smart to keep security top of mind as they move more workloads to the cloud.

Multi-cloud security challenges

But they should recognize, too, that the multi-cloud environment comes with additional challenges that need to be addressed as part of a holistic security strategy.

“In this world of multi-cloud, it’s all about coordination – contractually, technologically and people wise,” says Christos K. Dimitriadis, director and past chair of the board of directors at ISACA, a professional association focused on IT governance. “Now if there’s an incident, you need to make sure that all the entities are coordinated, that they all work together to identify a breach and do an analysis and develop improvement plans to make controls even more effective.”

Here are three factors security experts say complicate security strategies for multi-cloud environments.

To continue reading this article register now

SUBSCRIBE! Get the best of CSO delivered to your email inbox.