This article first appeared in NetworkComputing, our partner publication
As enterprises migrate more IT systems from their data centers to the cloud, they are increasingly deploying workloads across a mix of public and private cloud technologies. These multi-cloud and hybrid environments create new challenges for security and networking teams responsible for addressing myriad issues related to multi-cloud operations and security while keeping costs in check and maintaining development teams' productivity levels.
The multi-cloud model often combines integrated public cloud offerings and the organization's own private cloud. This gives the organization the flexibility to select from the growing selection of public cloud providers and private cloud options to customize the environment that works for all of its users.
While the trend of more companies migrating their data, applications, and development work to the cloud is not a recent development, the coronavirus pandemic accelerated it. As a result, more organizations are prioritizing launching or expanding their multi-cloud strategies as part of their digital transformation initiatives. They can optimize for cost, geographical coverage, application performance and to reduce dependency on a single cloud provider.
According to a Gartner survey of public cloud users, 81% of respondents said they work with two or more providers. They can customize a collection of services and platforms from various providers that meet their specific needs and avoid vendor lock-in.
"Multi-cloud is no longer a matter of 'if — it's a matter of 'when,'" said Santhosh Rao, Senior Director Analyst, Gartner. "Multi-cloud computing lowers the risk of cloud provider lock-in, and can provide service resiliency and migration opportunities, in addition to the core cloud benefits of agility, scalability, and elasticity."
A multi-cloud strategy eliminates the need to decide between application portability and full functionality for specific workloads. The question from a security and operational standpoint is how to realize all of the above benefits without spending time re-doing everything for each cloud service/platform? In other words, how can an organization:
- Minimize the customizations necessary for each cloud environment it uses to streamline operations and reduce overhead.
- Achieve consistency. For example, can an application run on Azure, AWS, and Google Cloud and ensure seamless security and compliance monitoring and reporting across all three?
An organization needs to unify the administration and monitoring of its IT systems. This means standardizing policies and processes as well as the sharing of tools across multiple cloud providers. The challenge is to architect deployments that use native cloud applications when appropriate but elevate security to work across all cloud environments and ensure migration and interoperability.
Wait, there’s more! You can read the rest of this article at NetworkComputing by clicking here.
Rani Osnat is VP, Strategy at Aqua Security.