This ‘multicloud‘ strategy — using more than one cloud provider — means that they are choosing to spread their operations across public cloud services such as Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform (GCP).
Paul Nicholson, Director of Product Marketing, A10 Networks, discusses why businesses are initially implementing multi-cloud environments, not to mention how they can accidentally find themselves in a complex multi-cloud set up if Digital Transformation happens on an ad-hoc basis. Nicholson highlights the importance of including security into a multi-cloud strategy, with so many factors potentially affected if multi-cloud is an afterthought.
As companies leverage a multi-cloud strategy to improve IT operations and provide better services to their customers, they can’t afford to overlook the implications for security. This is especially true with the emergence of a new paradigm to run multiple disparate compute environments for application delivery. In fact, while issues like creeping complexity, non-existent cross-platform visibility and multiple vendor standards all compete for IT focus in a multi-cloud environment, enterprise leaders cite security as the top challenge of all.
This trend was illustrated in a recent global survey of IT and business executives conducted by A10 Networks in partnership with the Business Performance Innovation (BPI) Network. In the survey, respondents reported that ensuring strong security across clouds, networks, applications and data will be critical for realising the advantages of multi-cloud IT. This is clearly a work in progress; to date, only 11% believe they have been highly successful in seeing the full value of their multi-cloud strategy, while a majority (51%) rate themselves as only somewhat successful or unsuccessful so far.
A quick web search will uncover many cases of vulnerabilities and real-life incidents. In one blog post by VMware, it is noted that it’s the job of IT and security teams, not just cloud providers, to take care of many aspects of security. To stop sophisticated bots, frequent data exfiltration of personally identifiable information (PII), application attacks and other threats, it’s essential to implement a security strategy across all your clouds, private or public that is as stringent as the one used for your on-premises solutions, if not more so.