“Everything should be made as simple as possible, but not simpler.” - Albert Einstein (purportedly)
Simplicity is key when it comes to solving most challenges, and we couldn’t agree more with Mr. Einstein. However, when it comes to simplifying your multi-cloud security strategy, there are three things to keep in mind:
- Visibility
- Reducing cloud vendor lock-in
- Streamlining alerts and tools
Visibility
Each of the cloud vendors is rapidly maturing the native security services within its platform. However, when it comes to anything outside their own ecosystems, they have little incentive to provide the visibility your organization requires with a multi-cloud strategy. Look for security tools that are provider agnostic and support, at a minimum, Google, AWS and Azure clouds (you may even want to add Alibaba into that mix if you have a heavy Asia presence).
Reducing Cloud Vendor Lock-in
What’s the one thing all of the cloud providers want most? To keep you squarely on their platform. However, when it comes to cloud security, teams must take the long view: while Azure might be your de facto cloud platform today, research shows that Google Cloud (GCP) is likely in your future (and is likely already in your environment, but that’s a topic for another post). This is why we recommend engaging with security providers whose best financial interests lie not with a single cloud but with the most diverse set of providers.
Streamlining Alerts and Tools
Your SOC is already dealing with alert fatigue; don’t add to their stress. When conducting your cloud risk assessment, ensure that requirements for integrated security platforms are included. Your SOC team should have a single platform for starting investigations of any cloud-based incident. If your team is relying mainly upon the native cloud provider tools or is attempting to build their own with open source or SIEM tools, stop! They will likely spend more time customizing these tools for the near-weekly changes cloud providers make than focusing on reducing risk and enabling the business to quickly consume new cloud features.
When looking to simplify your multi-cloud security strategy, it is critical that security executives and their teams keep visibility, reducing cloud vendor lock-in, and streamlining alerts and tools in clear focus. This is where cloud-agnostic security tools such as RedLock by Palo Alto Networks can help. RedLock provides a single location where security teams can gain visibility across Google, Azure and AWS while freeing these teams from the care and feeding of homegrown, open source or native cloud provider tools.