The Latest CrowdStrike News
Product and Solution Information, Press Releases, Announcements
|You Canít Protect What You Canít See: Five Cloud Security Must-haves|
|Posted: Thu Jan 14, 2021 08:06:05 AM|
Many industry analysts project that infrastructure as a service (IaaS) will continue to grow as companies seek ways to slash costs and increase business resilience and agility. While it carries the promise of powering digital transformation and increasing efficiency, IaaS also introduces challenges around visibility and security that cannot be ignored.
The old saying is true: You canít protect what you canít see. As cloud environments become more complex and distributed, stitching together a comprehensive view of cloud activity is a vital part of enterprise security.
A Bad Forecast: Low Visibility
Poor visibility can lead to all manner of security risks, from data loss to credential abuse to cloud misconfigurations. It is one of the biggest challenges facing CISOs today as they look to adopt cloud technologies. In an April 2020 survey from Enterprise Strategy Group, researchers revealed that 33% of respondents felt a lack of visibility into the activity of the infrastructure hosting their cloud-native applications was the biggest challenge involved in securing those apps.
That should come as no surprise. Some of the difficulties businesses are facing can be traced to the rapid changes to the environment that DevOps introduces in the name of speed and scalability. From microservices to containers, modernizing your operation with cloud-native applications can come at a cost to security. For example, the short lifespan of microservices means they are being spun up and down frequently, which challenges organizationsí ability to maintain a clear view of their cloud environments. Containers face a similar challenge, as many are also short-lived. While this approach effectively reduces the attack surface, it also makes obtaining full visibility more complex.
Another challenge to visibility is shadow IT. As DevOps teams push back against anything that slows them down, they often increase their use of shadow IT. This is not something done out of malice but out of necessity. If IT cannot respond to requests to provision resources fast enough ó or developers prefer unapproved applications they believe will increase their productivity ó IT may find itself out of the loop.
By definition, shadow IT is outside the view of IT security, which increases the probability that vulnerabilities, misconfigurations and policy violations will go undetected. In a similar vein, though the growth of user self-provisioning may be good for speed, it is not without its drawbacks when it comes to security. By making the power to provision resources more decentralized, organizations can create an environment that allows for increased agility but does so at the expense of visibility.
Meeting the Challenge: Five Key Requirements
Embracing the cloud requires a comprehensive approach to security that emphasizes both monitoring and real-time workload protection. In the IDG Cloud Computing Study 2020 report, 92% of organizations said their IT environment is at least somewhat in the cloud. Additionally, 55% of respondents said they use multiple public clouds, with 21% using three or more.
Defending the multi-cloud environments that organizations have to protect today requires keeping track of what is going on across any number of cloud instances. While cloud providers often have their own tools, those solutions are typically designed for the providerís own infrastructure and not others, leaving many organizations in need of more advanced capabilities that can cover multiple clouds so that they can maintain security and compliance.
CrowdStrike provides a unified, cloud-native security platform to provide visibility and protection for organizationsí on-premises, cloud and hybrid IT environments.
The following are the capabilities CISOs should consider as they look to embrace the cloud securely:
The Future Is Bright: All-seeing Security
Whether on-premises or in the cloud, protecting data, systems and applications begins with having a clear view of what is happening in the environment. As organizations look to expand their footprint in the cloud, they must choose a solution that supports security and compliance across their entire IT environment. To learn more about how CrowdStrike can help you gain visibility, continuously monitor threats and ensure compliance in the cloud ó enabling DevOps to deploy applications with greater speed and efficiency.