This is a summary of an article written for CloudTech by Fortinet’s Lior Cohen. The entire article can be accessed here.
According to research published by the IBM Institute for Business Value, 85% of enterprises currently operate a multi-cloud environment, and 98% of companies plan to use multiple clouds by 2021. And because of new digital business requirements, those clouds don’t operate in isolation. Business processes, transactions, applications, and workflows now move across and between physical networks, branch offices, mobile devices, and multi-cloud networks.
The challenge is for data, workflows, and applications to move quickly and seamlessly across and between these different physical and virtual environments without compromising security. What’s needed is a consistent security posture across all local and cloud-based resources so policies and enforcement can follow and protect cross-platform communications.
Leveraging the Cloud’s Native Controls and APIs
Gartner predicts that through 2022 at least 95% of cloud security failures will be the result of misconfiguration. Part of the problem is that many organizations are trying to overlay traditional security tools into their cloud environments. Unfortunately, many of these tools were never designed to consistently secure cloud platforms, scale to cloud requirements, or operate at cloud speeds.
Instead, to truly secure the cloud, security tools need to natively integrate into the cloud so they can run in the same elastic and distributed way that cloud applications run – which is fundamentally different from the way most traditional security tools function when operating as a cloud overlay solution.
What security teams need to do is collect critical cloud security information and share those findings with cloud DevOps teams. This allows security issues to be incorporated into ongoing cloud development for consistent compliance reporting across multiple clouds, enable streamlined and correlated incident investigation, and a provide a live, centralized cloud threat and heat map to provide real-time insight into the state of security across the entire cloud environment.
“To make this possible, cloud security management and analytics tools need to be integrated into the public cloud API, enabling them to simultaneously monitor the activity and configurations of multiple cloud resources across regions and public cloud types. This level of consistent visibility enables such things as instant insight into regulatory compliance violations to enhance compliance with industry or government standards. They also empower threat and risk management tools to effectively trace misconfigurations to their source.”
–Lior Cohen, CloudTech, May 2014, 2019
What You Need
Organizations need to leverage tools designed specifically for cloud security with native integration into the various cloud platforms being used. This allows security to solve multiple cloud adoption challenges, including migrating applications and infrastructure to the cloud and building and consuming SaaS applications.
Today’s unique cloud environments cannot be secured using traditional independent or isolated security systems. Instead, they need to span across a multi-cloud ecosystem to ensure consistent security policy enforcement across the entire distributed infrastructure. True visibility and control in a multi-cloud environment requires cloud native security solutions bound together with a policy management and analytics solution that can be seamlessly integrated through a central cloud management system.
This is a summary of an article written for CloudTech, entitled: “How leveraging APIs will help to enable comprehensive cloud security,” written by Fortinet’s Lior Cohen and published on the CloudTech website on May 24, 2019.
Learn more about how Fortinet’s multi-cloud solutions provide the necessary visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.
Read these customer case studies to see how Cuebiq and Steelcase implement Fortinet’s multi-cloud services for secure connectivity and application security.