As more organizations migrate data, software and other key assets to the cloud, many adopt a multicloud approach through which they must work with several online vendors and environments for different tasks. That strategy can lead to complexity, especially in the area of cybersecurity. Faced with so many cooks in the kitchen, so to speak, internal IT and security staffers have to keep their eyes on a variety of disparate providers and systems.
SEE: Hiring Kit: Cloud Engineer (TechRepublic Premium)
A report released Wednesday by multicloud security provider Valtix looks at the security challenges involved in a multicloud strategy. For its 2022 Multi-Cloud Security Report, Valtix commissioned an independent research firm to survey 200 IT leaders in the U.S. about the issues they face with multicloud security, the tools they use, the tools they want to use, and the skills they need to secure multiple cloud platforms.
A full 95% of the respondents said they’re making multicloud a priority in 2022, with almost all of them putting security at or near the top of the list. Yet only 54% said they feel confident that they have the tools and skills necessary to achieve this goal. More than three-quarters believe that multicloud operations are underfunded at their company.
More specifically, 67% of the IT leaders feel their own employees are underskilled when it comes to multicloud security. Less than half feel confident that every application in their public cloud is known. And only slightly more than half are confident that network or host-based security is in place across all their public cloud accounts.
“IT leaders are entering 2022 in a precarious state when it comes to multicloud security,” said Valtix CEO Douglas Murray. “They are underfunded, underskilled and inefficient at executing on security within multicloud strategy. The reality is that managing several cloud providers multiplies threats, work and headcount. With multicloud becoming more relevant in 2022, organizations are looking to find the best solutions to implement multicloud security policy and visibility.”
SEE: Multicloud: Does your company use multiple cloud providers? (TechRepublic)
To help your organization better handle security in a multicloud environment, Murray proffers the following advice:
- Create a sustainable model for multicloud security. By devising their cloud security over the span of several years, many organizations wind up with a piecemeal assortment of different tools and technologies. A multicloud environment can make that even worse. As some point, you may need to restart with a clean slate to rebuild your cloud security from the ground up.
- Know your cloud environments. Security begins with visibility. Less than half of the IT leaders surveyed felt highly confident that the right people are aware of every public cloud account in use. That lack of knowledge inevitably leads to a security gap. As such, make sure you have the right tools to close this gap.
- Find ways to consolidate your cloud security. Juggling different security policies and processes for each cloud-based environment is a major pain point for 91% of the respondents. This type of fragmentation not only creates headaches with everyday operations but throws obstacles in the path of deploying new workloads and responding to security incidents. One way to start consolidating your cloud security is to find out which tools are in place for which tasks and who owns each tool.
- Adopt a security strategy that is cloud (or multicloud) first. A majority of the IT leaders polled said they see cloud security as different than on-premises security, yet they also see it as an extension of their existing data center. This type of conflicting attitude can lead an organization to try to adapt a data center tool to work in the cloud. Instead, you want to adopt a cloud-first and multicloud-first approach to your security tools and strategy.
- Make multicloud security an imperative in 2022. Managing multicloud security is a problem that most organizations should have anticipated. And the longer you avoid the challenges, the worse they’ll get. The best way to deal with this is to choose to make multicloud security an imperative next year. As 83% of the IT leaders surveyed said they’re adding more funds to their multicloud security budgets in 2022, perhaps this message is getting across.