Implementing security for a bullet-proof, multi-cloud environment
Authored by – Anand Chandra, Senior Director - Technology, London
Financial services firms worldwide are continuing to look towards either starting or accelerating their journey into cloud with better flexibility and functionality as the primary drivers. When approaching cloud migration, many CIOs focus on including a multi-cloud strategy into their implementation roadmap in order to not put all their proverbial eggs in one basket. In 2019, 81% of organizations said they used two or more cloud providers1. Although this showcases a clear move towards cloud and the willingness towards its adoption, having a successful multi-cloud strategy is not possible without the right security in place. The same ease in which cloud environments can be set up can be just as easily misconfigured leading to holes in security, making companies vulnerable to DDoS attacks and costly data breaches. Unsurprisingly and according to the latest survey by Gartner, with the continuous move towards becoming cloud-ready, cloud ranks as the top risk concern for executives in risk, audit, finance and compliance.
When approaching security for a multi-cloud environment, cloud-security must be built into the overall environment and be a key component in the cloud journey vs being an afterthought. The factors to consider for multi-cloud security implementation can be broadly classified into three parts: Cyber Defence (Cyber Operations & Resilience); Applied Cyber Security (Cloud & Infrastructure Security); and Managed Security (Managed Application Security). Cyber defence and security are managed by cloud providers in many different ways and a number of Fintechs can offer support whereas application level security has to be designed and architected as part of the cloud migration journey - this is where you draw the balance between going cloud native vs retiring technical debt. Managed application security in a microservices architecture application that is built on an emerging technology stack, is part of a “reinvention bucket” and is mostly re-built as part of an organization’s journey to cloud migration.