Choosing a Hybrid Cloud Security Solution 101

April 13, 2023 TH Author Trend Micro CISO : Article, Trend Micro CISO : Cloud, Trend Micro CISO : Compliance, Trend Micro CISO : Detection and Response, Trend Micro CISO : Digital Transformation, Trend Micro CISO : Expert Perspective, Trend Micro CISO : Risk Management, Trend Micro CISO : Skills Gap

The accelerated shift to the cloud was mostly borne out of necessity due to the influx of remote workers and changing customer demands requiring more business agility. According to Forrester, 94% of US enterprise infrastructure decision makers are using at least one type of cloud deployment.

While there is a push to be cloud-native, the reality is that most companies will keep their “crown jewels” or critical systems on private clouds or on-prem, while leveraging public clouds for business operations and customer services.

This article will review key three components to effectively manage hybrid cloud security challenges and what features to look for in security tools.

What is hybrid cloud?

A hybrid cloud is a mixed cloud computing environment that uses a combination private and public clouds as well as on-premises data centers. This differs from multi-cloud wherein an organization uses multiple public cloud computing and storage services from different vendors.

Although it may seem that managing individual public or private clouds is easier, they still have the same security needs.

To simplify the approach to hybrid cloud management, I’ve outlined three primary security components: administrative, physical and technical, and supply chain security. Let’s take a closer look at how you can effectively manage cyber risk and secure the hybrid cloud across each aspect:

1. Administrative security
This aspect is based around people and processes. It involves risk assessment procedures, data protection policies, disaster recovery plans, and employee training. Two key areas to focus on are:

Establishing new roles and responsibilities
In the hybrid cloud infrastructure, there’s a shift in who’s responsible for what. For example, security is now a shared responsibility when it comes to app development. When everything was on-prem, developers would write apps to fit into the infrastructure, granting security teams more control over what said infrastructure looks like to establish a baseline for security.

Now, developers are not just writing app code, but they’re also defining the infrastructure-as-code (IaC) they’re deploying, which shifts the control more toward developers. Enter: DevOps, or DevSecOps, wherein security is implemented throughout the entire DevOps lifecycle from planning to coding to testing to deployment without slowing down any process.

Strengthening access controls
82% of data breaches involve a human element, according to Verizon. Therefore, strengthening user access controls with a zero-trust architecture is a good strategy. Zero trust follows the approach of “never trust, always verify”, whereby users and devices should only be granted access to apps that they are authorized for and only after their credentials have been verified. Access should be continuously monitored for a change in user or device behavior, which can then be terminated if the risk surpasses predefined levels.

2. Physical and Technical Security
For on-prem and private clouds, you are still fully responsible for securing your in-house infrastructure. It’s best to follow network security best practices which include physical locks, cameras, ID verification and biometric authentication, etc.

At a high-level, the challenge of implementing effective technical security boils down to a lack of visibility across all your clouds. Companies are oftentimes using multiple clouds; IBM expects that the average enterprise will use 10 clouds by 2023. Thus, an ad-hoc mix of public, private, and on-premises assets make gaining and maintaining full visibility challenging but necessary for effective detection and response. This issue is further compounded by enterprises using disparate point products across different cloud environments.

If you take a point product approach, your visibility will be seriously compromised, leaving your critical systems susceptible to attacks and at higher risk. Don’t panic, you don’t need to rip and replace your entire security stack. A cloud management platform approach backed by third-party integrations that play nicely with your existing security stack provides the comprehensive, real-time visibility needed to secure your hybrid cloud.

3. Supply Chain Security
In DevOps software development, there are many third-party components and tools used to speed up the process and meet market demands. However, utilizing said tools creates new attack vectors for cybercriminals. According to a recent survey from Venafi, 82% of respondents said their organizations are vulnerable to cyberattacks targeting software supply chains.

You May Also Like

Preventing Cryptocurrency Cyber Extortion

3 Shifts in the Cyber Threat Landscape

What Worries CISOs Most