Did you miss a session on the Knowledge Summit? Watch On-Demand Right here.
This text was contributed by Kelley Kirby, product advertising analyst at Uptycs
Let’s speak about the cloud (as a result of who isn’t?).
During the last a number of years, we’ve seen cloud adoption skyrocket as organizations work to seek out probably the most environment friendly and cost-effective approach of working their enterprise. Whether or not the cloud surroundings be public, non-public, hybrid or multi-cloud, this worldwide development has led to a gradual enhance in accessible cloud companies, their suppliers, and configurations.
Again in 2019, 81% of public cloud customers reported utilizing two or extra suppliers (pre-pandemic, so you possibly can think about how a lot that quantity has grown), and whereas the advantages of cloud use far outweigh the danger, it might include some obvious challenges as you attempt to develop your corporation.
As a small group, working a handful of companies and purposes, and deploying workloads all with a single cloud supplier makes cloud administration appear easy. However the story could be very totally different for a rising enterprise with property and workloads throughout a number of cloud suppliers, complicated information lakes, companies hosted in numerous geolocations, and an array of instruments that don’t supply assist for each piece of your cloud property.
This sophisticated cloud amalgamation (Frankencloud, if you’ll) is commonly a results of preliminary value effectivity or acquisition, however regardless of the case, scaling that convoluted structure as your corporation evolves is onerous.
Cloud scaling challenges
When your corporation began, the concept of cloud adoption was a straightforward one to wrap your head round. It’d simplify quite a few your corporation processes, enhance information accessibility, enhance effectivity, and scale back total operational prices. In principle, cloud computing would make scaling your group because it grew a lot simpler. And it did!
However, alas, the benefit has handed since your corporation took off. You now have a large number of cloud situations working companies and workloads throughout three main suppliers in an try to chop prices and keep away from vendor lock-in, acquired a small agency utilizing a non-public cloud hosted within the EU with new rules to stick to, and have extra instruments to assist handle all of it than you possibly can rely on two palms. Merely put, it’s gotten overwhelming and now you’re attempting to determine the way to scale up.
The very fact of the matter is, the extra complicated your surroundings will get, the harder scaling goes to be. Let’s check out a few of these challenges and what they may imply for your corporation.
Configuring your Frankencloud throughout suppliers
Configuration to your purposes, infrastructure and workloads aren’t going to be the identical throughout cloud suppliers. Every supplier has its personal approach of provisioning, deploying, and managing situations, and it’s your accountability to make sure the proper configuration of your assets.
It may be tempting to hurry by the configuration course of (as a result of going by the motions a number of occasions takes ages and you’ve got one million different issues to do), but it surely’s endlessly vital to be sure you’ve configured your assets accurately and are rechecking them continuously as issues change to keep away from compliance and safety dangers.
A misconfiguration might imply non-compliance related to regulatory fines or, heaven forbid, a safety breach, and scaling too rapidly with out protecting your configurations in verify might value you. Like, quite a bit.
In response to IBM’s Price of a Knowledge Breach Report 2021, the extra complicated your surroundings is and the extra you’re failing compliance checks, the extra seemingly you’re to pay as much as $2.3M extra within the occasion of a breach.
This brings me to the following problem of…
Securing your Frankencloud
With the Shared Duty Mannequin largely leaving the onus on the shopper to safe their very own cloud surroundings, there’s not a complete lot that comes in-built to work with. Because of this hardening your surroundings, implementing safety controls, refining privileges and identities, and figuring out and remediating vulnerabilities are actually persistently on the high of your cloud scaling to-do record. And because the obligations range for every supplier, you have to work out what’s required for every supplier.
There are tips that can assist you obtain a few of this by yourself, just like the AWS Nicely-Architected Framework Safety Pillar or CIS Benchmarks, and a plethora of cloud safety distributors prepared that can assist you decide up the slack, however the hassle is rolling out these safety measures to your total cloud property in a approach that ensures full protection from end-to-end.
That is particularly difficult as a result of only a few cloud safety distributors supply assist for a number of cloud suppliers, and those that do typically have a really restricted toolset designed for a specific use case. This has resulted in safety groups compiling a number of instruments between a number of safety distributors in an try to cowl all of the bases (FrankenSec?), however these disconnected and siloed methods sometimes don’t combine and might solely ship items of their entire cloud safety image, leaving blind spots.
The blind spots between options can enable risk detection alerts to go unnoticed as a result of associated safety occasions might be occurring in two totally different methods, however the disconnected safety options aren’t capable of correlate them as suspicious. On this case, the one approach to uncover the occasions are associated is to manually triage each detection throughout every system and uncover their connection your self. However between the amount of detections chances are you’ll obtain (quite a few them being false positives) and the growing downside with alert fatigue, the margin for error is kind of excessive and you should still miss it anyway.
Observing your Frankencloud
Equally, with securing your Frankencloud, getting full visibility of your total cloud property is a significant problem. You’re confronted with the identical issue of disparate options that depart you with an incomplete image of your cloud environments and assets.
With out full visibility into the place your cloud information is, which purposes work together with which companies, and who has entry to what, you can be oblivious to misconfigurations, threats, overspending and non-compliant insurance policies.
Understanding how totally different assets, identities and companies work together with each other lets you prioritize configuration fixes, management privilege escalation, and carry out audits, in the end bettering useful resource efficiency and lowering safety danger. The bigger your cloud property will get with gaps in visibility, the more durable it’s going to be to do these issues successfully.
Abstract: Scaling your cloud creation
Your Frankenstein cloud creation has made scaling a little bit of a nightmare (pun meant), however you’re not alone. Whereas no two cloud environments look the identical, these challenges are confronted by any group working in a fancy cloud surroundings. Yow will discover some consolation in figuring out that it’s in all probability not a results of something you’re doing inherently unsuitable.
To scale a fancy cloud surroundings successfully with out creating new complications for your self down the street, you’ll want to have the ability to:
- Monitor the whole lot that’s occurring throughout cloud suppliers, together with asset relationships and privilege allocation.
- Guarantee end-to-end safety with no blind spots from disconnected device units.
- Uncover misconfigurations as you evolve to keep away from compliance failures and vulnerabilities.
Having a single, unified answer that may aid you handle these challenges multi functional place will largely scale back the period of time, overhead and stress that accompany a sophisticated cloud scaling challenge.
Kelley Kirby is a product advertising analyst at Uptycs
Welcome to the VentureBeat group!
DataDecisionMakers is the place consultants, together with the technical folks doing information work, can share data-related insights and innovation.
If you wish to examine cutting-edge concepts and up-to-date info, finest practices, and the way forward for information and information tech, be part of us at DataDecisionMakers.
You would possibly even contemplate contributing an article of your personal!