This article was contributed by Kelley Kirby, product advertising analyst at Uptycs.
Let’s talk about the cloud (because who isn’t?).
Over the last several years, we’ve seen cloud adoption skyrocket as organizations work to find the most efficient and cost-effective way of running their business. Whether the cloud environment is public, private, hybrid or multi-cloud, this worldwide growth has led to a steady increase in available cloud services, their providers, and configurations.
Back in 2019, 81% of public cloud users reported using two or more providers (pre-pandemic, so you can imagine how much that number has grown), and while the benefits of cloud use far outweigh the risk, it can come with some glaring challenges as you try to grow your business.
As a small organization, running a handful of services and applications and deploying workloads all with a single cloud provider makes cloud management seem simple. But the story is very different for a growing enterprise with assets and workloads across multiple cloud providers, complex data lakes, services hosted in various geolocations, and an array of tools that don’t offer support for every piece of your cloud estate.
This complicated cloud amalgamation (Frankencloud, if you will) is often a result of initial cost efficiency or acquisition, but whatever the case, scaling that convoluted architecture as your business evolves is hard.
Cloud scaling challenges
When your business started, the idea of cloud adoption was an easy one to wrap your head around. It would simplify a lot of your business processes, increase data accessibility, improve efficiency, and reduce overall operational costs. In theory, cloud computing would make scaling your organization as it grew much easier. And it did!
But, alas, the ease has passed since your business took off. You now have a multitude of cloud instances running services and workloads across three major providers in an attempt to cut costs and avoid vendor lock-in, acquired a small firm using a private cloud hosted in the EU with new regulations to adhere to, and have more tools to help manage it all than you can count on two hands. Simply put, it’s gotten overwhelming and now you’re trying to figure out how to scale up.
The fact of the matter is, the more complex your environment gets, the harder scaling is going to be. Let’s take a look at some of these challenges and what they could mean for your business.
Configuring your Frankencloud across providers
Configuration for your applications, infrastructure and workloads is not going to be the same across cloud providers. Each provider has its own way of provisioning, deploying, and managing instances, and it’s your responsibility to ensure the correct configuration of your resources.
It can be tempting to rush through the configuration process (because going through the motions multiple times takes ages and you have a million other things to do), but it’s endlessly important to make sure you’ve configured your resources correctly and are rechecking them frequently as things change to avoid compliance and security risks.
A misconfiguration could mean non-compliance associated with regulatory fines or, heaven forbid, a security breach, and scaling too quickly without keeping your configurations in check could cost you. Like, a lot.
According to IBM’s Cost of a Data Breach Report 2021, the more complex your environment is and the more you’re failing compliance checks, the more likely you are to pay up to $2.3M more in the event of a breach.
This brings me to the next challenge of…
Securing your Frankencloud
With the Shared Responsibility Model largely leaving the onus on the customer to secure their own cloud environment, there’s not a whole lot that comes built in to work with. That means hardening your environment, implementing security controls, refining privileges and identities, and identifying and remediating vulnerabilities are now constantly at the top of your cloud scaling to-do list. And since the responsibilities differ for each provider, you need to determine what’s required for each provider.
There are guidelines to help you achieve some of this on your own, like the AWS Well-Architected Framework Security Pillar or CIS Benchmarks, and a plethora of cloud security vendors ready to help you pick up the slack, but the trouble is rolling out these security measures across your entire cloud estate in a way that ensures full coverage from end to end.
This is especially challenging because very few cloud security vendors offer support for multiple cloud providers, and those that do often have a very limited toolset designed for a particular use case. This has resulted in security teams compiling multiple tools from multiple security vendors in an attempt to cover all the bases (FrankenSec?), but these disconnected and siloed systems often don’t integrate and can only deliver pieces of the whole cloud security picture, leaving blind spots.
The blind spots between solutions can allow threat detection signals to go unnoticed because related security events could be happening in two different systems, but the disconnected security solutions aren’t able to correlate them as suspicious. In this case, the only way to discover that the events are related is to manually triage every detection across each system and uncover their connection yourself. But between the volume of detections you may receive (a lot of them being false positives) and the growing problem of alert fatigue, the margin for error is quite high and you may still miss it anyway.
Observing your Frankencloud
As with securing your Frankencloud, getting full visibility of your entire cloud estate is a major challenge. You’re faced with the same issue of disparate solutions that leave you with an incomplete picture of your cloud environments and resources.
Without full visibility into where your cloud data is, which applications interact with which services, and who has access to what, you could be oblivious to misconfigurations, threats, overspending and non-compliant policies.
Understanding how different resources, identities and services interact with each other allows you to prioritize configuration fixes, control privilege escalation, and perform audits, ultimately improving resource performance and reducing security risk. The larger your cloud estate gets with gaps in visibility, the harder it’s going to be to do these things effectively.
Summary: Scaling your cloud creation
Your Frankenstein cloud creation has made scaling a bit of a nightmare (pun intended), but you’re not alone. While no two cloud environments look the same, these challenges are faced by any organization operating in a complex cloud environment. You can find some comfort in knowing that it’s probably not a result of anything you’re doing inherently wrong.
To scale a complex cloud environment effectively without creating new headaches for yourself down the road, you’ll need to be able to:
- Monitor everything that’s going on across cloud providers, including asset relationships and privilege allocation.
- Ensure end-to-end security with no blind spots from disconnected tool sets.
- Discover misconfigurations as you evolve to avoid compliance failures and vulnerabilities.
Having a single, unified solution that can help you address these challenges all in one place will largely reduce the amount of time, overhead and stress that accompany a complicated cloud scaling project.
Kelley Kirby is a product advertising analyst at Uptycs