Source: www.securityweek.com – Author: Joshua Goldfarb
Recently, on my morning jog, I saw a garbage truck making the rounds. This may sound like an odd way to open a security article, though, as you may have guessed, it reminded me of an important concept. It is remarkable how different circumstances can necessitate different solutions.
While I was watching the garbage truck, I noticed how the sanitation workers used different techniques to dispose of the garbage, depending on the type of trash bin. As you might expect, the workers lifted the smaller bins and emptied the contents into the garbage truck. Larger bins were connected to equipment on the truck that lifted and emptied those bins, which were too large and heavy for the workers to lift. For the largest bins, specialty trucks are required – not the standard garbage trucks that make the rounds in the morning.
Most of us have seen trash being collected thousands of times. What may not have occurred to us, however, is the concept that different circumstances often necessitate that different approaches be taken to solve problems. This is most certainly the case in the security field.
For an example in security, consider the need to apply security best practices in an enterprise environment. Whereas even a few years ago, this may have been a challenging but relatively straightforward undertaking, in the era of hybrid and multi-cloud environments (often called distributed cloud environments), this is anything but. The complexity and challenge of distributed cloud environments often necessitate managing multiple infrastructure, technology, and security stacks, multiple policy engines, multiple sets of controls, and multiple asset inventories.
What’s lacking in many hybrid and multi-cloud environments is a consistent and centralized way to manage and secure those environments. Thankfully, there are some solutions on the market to help in these distributed cloud environments. Let’s take a look at a few challenges that can be addressed by leveraging one of these solutions:
- Finding efficiencies: Having a distributed cloud solution in place opens up opportunities for enterprises to find efficiencies. Centralized and unified management of hybrid and multi-cloud environments allows those environments to be managed more efficiently by the security team. This, in turn, facilitates improvements in securing those environments by reducing the chance of oversights or errors and reducing the time required to implement security policies and solutions. As an added bonus, simplified management also allows enterprises to more easily optimize application and API delivery to end-customers.
- Managing complex application infrastructure: It is no secret that the application infrastructure across distributed cloud environments is complex. This can lead to a number of security issues, including unknown, unmonitored, and/or uncontrolled API endpoints, leakage of sensitive data, difficulty in enforcing policy, improper access control, and increased numbers of vulnerabilities. Distributed cloud solutions provide vastly simplified, more effective ways to manage complex application infrastructure and the security issues that come with it.
- Overly-distributed cloud: Sometimes I think that “overly-distributed cloud” might be a more apt name for hybrid and multi-cloud environments. While there are legitimate business reasons and advantages to having a distributed cloud infrastructure, there are also disadvantages. The infrastructure can often get out of hand and can be overly complex. This can lead to situations where important pieces of infrastructure and important applications and APIs are, to use a colloquial term, all over the place. This is not good, obviously, and generally requires leveraging a partner to help keep tabs on the infrastructure.
- Lack of good inventory: It is rather difficult for even the best security teams to secure assets they don’t know about. This is why asset management is so important. In distributed cloud environments, asset management can be challenging for a variety of reasons. Developers may release new versions with updated API schemas without notifying the security and infrastructure teams. Additional infrastructure may be instantiated without being properly inventoried and managed. These and other occurrences make maintaining accurate inventory important. Working with a partner that brings good API discovery capabilities to the table can be a great way for security teams to improve their asset management capabilities in distributed cloud environments.
- Consistent security: As the well-known phrase states, a chain is only as strong as its weakest link. This is very much the case in security, as we all know. That makes consistency one of the most important aspects of security. Attackers are clever, motivated, and incentivized to find our weakest links. Thus, if we cannot apply security policy and best practices consistently, we are opening up our enterprises to an unnecessarily high level of risk. This is another way in which distributed cloud solutions can help security teams better protect their enterprises.
- Lack of consistent controls: If you’ve ever worked with a risk register or with a Governance, Risk, and Compliance (GRC) team, you know the importance of controls. You likely also know how complex these risk registers can get when the number and complexity of the environments grows. Naturally, controls are far more effective when implemented consistently, regardless of how many environments there are or how complex those environments are. This makes being on top of managing the distributed cloud environment and applying controls consistently extremely important.
The complexity and challenge that hybrid and multi-cloud environments (often called distributed cloud environments) add for enterprises are not insurmountable. By working with trusted partners, enterprises can more efficiently manage and secure their distributed cloud environments. This, in turn, helps those enterprises more effectively mitigate risk and improve their overall security posture.
Joshua Goldfarb (Twitter: @ananalytical) is currently a Fraud Solutions Architect – EMEA and APCJ at F5. Previously, Josh served as VP, CTO – Emerging Technologies at FireEye and as Chief Security Officer for nPulse Technologies until its acquisition by FireEye. Prior to joining nPulse, Josh worked as an independent consultant, applying his analytical methodology to help enterprises build and enhance their network traffic analysis, security operations, and incident response capabilities to improve their information security postures. He has consulted and advised numerous clients in both the public and private sectors at strategic and tactical levels. Earlier in his career, Josh served as the Chief of Analysis for the United States Computer Emergency Readiness Team (US-CERT) where he built from the ground up and subsequently ran the network, endpoint, and malware analysis/forensics capabilities for US-CERT.
Original Post URL: https://www.securityweek.com/managing-and-securing-distributed-cloud-environments/