February 11, 2021 By Dawn Blizard 4 min read

During the second quarter of 2020 — for the first time in history — customers worldwide spent more on public cloud systems than on investments in non-cloud IT systems. With more cloud spending than ever before, the battle for market share among the leading public cloud providers (PCPs) heated up. The same tactics major providers rely on to encourage cloud customer loyalty tend to amplify the cloud security challenges these customers face. 

Furthermore, many customers want to avoid locking in to a single vendor. This way, they can maximize the well-known perks of moving computing out of their private data centers in the first place. It comes as no surprise that only a small fraction of today’s cloud environments are built within a single public cloud provider’s domain. Instead, 93% are multicloud landscapes, and most rely on hybrid strategies that mix public and private cloud elements as well as on-premise components. 

What are the Major Cloud Security Challenges?

This means today’s defense teams are tasked with creating new tactics for tomorrow’s hybrid and multicloud world.

Cloud security challenges can come with both multi-vendor and hybrid cloud strategies. Cloud deployments make IT vastly more complex even as they reduce the demands of physical management. This is taxing for security teams, who frequently struggle to maintain insight in multicloud landscapes. The drive to avoid vendor lock-in can result in an avalanche of readings from various providers’ platforms and software-as-a-service (SaaS) apps. These can be stored in disparate, poorly-integrated data silos, which makes it very difficult to create efficient and effective monitoring and incident response workflows.

Other cloud security challenges come from the way more complex data leads to lack of control. When enterprises use architecture and service delivery models from multiple cloud providers, it becomes more difficult to exercise the granular control needed to ensure data protection standards are met across the board.

The rapid pace of change that has become par for the course on a public cloud only adds to the problem. PCPs constantly shift their offerings, often in an effort to make it harder for customers to move workloads to competing providers’ platforms. Because of this, staying up-to-date on potential problems becomes harder and harder.

No cloud landscape can ever be truly secure if the team tasked with watching for threats, detecting strange events and risks and coordinating workflows can’t keep up. What might seem to be cost-saving measures might not be if they make working so confusing that it leads to errors or mistaken exposure of cloud resources. 

Security Best Practices for Securing a Cloud Environment

1. Watch for Misconfiguration

Guard against misconfiguration, which is still at fault in most cloud data breaches.

More than one-fifth of data breaches reported in 2019 resulted from misconfigurations, and in all cases, they came from human error.

“Just don’t make mistakes” is easier said than done, however.

The majority of teams involved didn’t realize they were responsible for fixing the specific problem that was to blame. In other cases, they lacked the tools to audit the configuration.

It’s essential to invest in support and training for IT operations personnel, as well as to ensure that defense teams have adequate knowledge of the cloud. Using cloud-native tools that monitor for common misconfigurations, including storage bucket risks, can also be helpful.

2. Encryption by Default 

Leverage encryption for cloud data at rest by default.

While encryption doesn’t protect against breaches per se, it does provide another layer of assurance that data won’t be compromised in case of breaches. This is simply an extra safeguard, but it has a key role to play in multi-vendor cloud defense. Automated tools can aid in giving granular insight into whether or not encryption is turned on for every cloud storage bucket.
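
The automated checks described in practices 1 and 2, as an added example that is not part of the original article or any vendor's tool: one audit pass over bucket settings collected from more than one provider. The AWS fields follow the S3 GetPublicAccessBlock and GetBucketEncryption response shapes and the GCP fields follow the Cloud Storage bucket resource and IAM policy; the wrapper keys, bucket names and finding labels are assumptions of this example, and the snapshot is constructed.

```python
import json

# Constructed snapshot; wrapper keys and bucket names are assumptions of this example.
SNAPSHOT = json.loads("""[
 {"provider": "aws", "name": "example-logs",
  "public_access_block": {"BlockPublicAcls": true, "IgnorePublicAcls": true,
                          "BlockPublicPolicy": true, "RestrictPublicBuckets": true},
  "encryption": {"Rules": [{"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms"}}]}},
 {"provider": "aws", "name": "example-exports",
  "public_access_block": {"BlockPublicAcls": true, "IgnorePublicAcls": true},
  "encryption": null},
 {"provider": "gcp", "name": "example-assets",
  "bucket": {"iamConfiguration": {"publicAccessPrevention": "inherited"}},
  "iam_bindings": [{"role": "roles/storage.objectViewer", "members": ["allUsers"]}]},
 {"provider": "azure", "name": "exampleblobs"}
]""")

PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}

def audit_aws(rec):
    pab = rec.get("public_access_block") or {}
    missing = [f for f in PAB_FLAGS if not pab.get(f)]
    findings = ["public-access-block-incomplete:" + ",".join(missing)] if missing else []
    rules = (rec.get("encryption") or {}).get("Rules", [])
    if not any(r.get("ApplyServerSideEncryptionByDefault", {}).get("SSEAlgorithm") for r in rules):
        findings.append("no-default-encryption")
    return findings

def audit_gcp(rec):  # Cloud Storage always encrypts at rest, so only exposure is checked
    findings = []
    for b in rec.get("iam_bindings", []):
        for member in sorted(PUBLIC_MEMBERS & set(b.get("members", []))):
            findings.append(f"public-iam-binding:{b['role']}:{member}")
    pap = rec.get("bucket", {}).get("iamConfiguration", {}).get("publicAccessPrevention")
    if pap != "enforced":
        findings.append("public-access-prevention-not-enforced")
    return findings

AUDITORS = {"aws": audit_aws, "gcp": audit_gcp}

def audit(snapshot):
    # A provider with no auditor is reported as unaudited, never silently passed.
    return {f"{r['provider']}:{r['name']}":
            AUDITORS[r["provider"]](r) if r["provider"] in AUDITORS else ["unaudited-provider"]
            for r in snapshot}

if __name__ == "__main__":
    for bucket, findings in audit(SNAPSHOT).items():
        print(bucket, findings or "OK")
```

The "unaudited-provider" finding matters most in a multicloud estate: a bucket on a platform the tooling does not understand should surface as a visibility gap instead of appearing clean.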

3. Maintain Identity and Access Management Controls 

Maintain identity and access management (IAM) solutions carefully to address some of the most common cloud security challenges. 

Credential compromise is a significant threat in cloud-based and hybrid environments. These types of attacks are known for being difficult to detect quickly. Locally hosted IAM solutions tend not to work well across hybrid and multicloud landscapes. IAM solutions that are purpose-built for hybrid landscapes, such as those using Lightweight Directory Access Protocol (LDAP), show promise. So do hardware token-based services, such as Google’s Titan Security Key or the YubiKey.

4. Monitor Your Environment

Effective monitoring is essential for facing hybrid and cloud security challenges.

Security operations processes and workflows need to evolve at the same time as the cloud. Supporting workers while they tackle cloud security challenges and helping them level up their skills is critical. 

Adopting automated solutions to help analysts collect and monitor the growing volumes of log data created by cloud platforms without becoming overwhelmed by false positives will be key. SOAR platforms, especially those based on open-source technologies and standards, can work across multiple vendors’ tools and cloud providers’ platforms. They simplify incident triage and response. Artificial intelligence and machine learning-assisted tools can also help with filtering data to reduce alert volumes.

5. Weigh Costs and Benefits 

Think carefully about trade-offs when designing your multi-vendor cloud plan.

There are pros and cons to everything, including multicloud. The primary benefits to selecting services and platforms from an array of PCPs include potential cost savings and the chance for development teams to select the platforms best suited to optimize application performance.

On the other hand, this means you could create a workflow in which there are major skills gaps. These are most likely to appear when it’s time to move data between platforms or manage security across the entire ecosystem.

Choose the Right Cloud Security Strategy Roadmap for You

So how do you choose which approach is right for acing your cloud security challenges? Consider one that puts emphasis on frameworks and standards. Then, select services on the basis of whether or not they’ll fit into this ecosystem. This might increase the upfront cost of services, but will likely pay for itself in terms of reduced admin overhead later.

With a hybrid and multi-vendor cloud security strategy that’s both extensive and unified, you can have the best of both worlds — a secure cloud environment that is practical to build, administer and maintain.
