While firms in every line of business are planning increased cloud use, defending against the increased range of digital dangers needn’t be time-consuming or expensive, even in a multicloud world.
Almost nine in ten companies use multicloud – multiple cloud storage and processing providers – to power IT and store business-critical information. A whopping 80 percent use both public and private cloud.
While these complex storage setups bring advantages, they make life harder for IT professionals. Recent Kaspersky research found IT complexity is becoming a top challenge for businesses, particularly securing these networked environments. How can leaders make sure it’s all secure and manageable?
Defending growing data worlds
The number of employee and customer digital touchpoints that must be secured in the average enterprise is ballooning. Networks are getting more complex and the amount of data gathered skyrocketing. That data can be enormously valuable – if it doesn’t get lost completely in the crowd of, well, more data.
“Cloud and online IT complexity expand each year as the magnitude of cyberthreats grow,” Tim Rosato, head of trend forecasting firm Silver Lion Group, told me in a phone interview. “User accounts, information and logins are also traveling across more cloud networks, apps and virtual desktop environments.”
Thwarting potential compromise means thinking more proactively across more digital and online dimensions.
Tim Rosato, President, Silver Lion Group
New solutions for multicloud enterprise
This growing complexity has sent many companies the way of investing in automated endpoint detection and response (EDR) platforms. These proactively scan for and eliminate threats. They’re also implementing more specialist security products for hybrid cloud with controls that let you centralize security. It’s all about greater network visibility and faster threat response across online workloads, software development and third-party apps.
“We live in a multicloud environment. Our research shows malicious actors can take advantage of any unprotected cloud, gaining unauthorized access to the whole infrastructure. New solutions can help protect assets and remediate different kinds of attacks”, says Marc Rivero, senior security researcher at Kaspersky’s Global Research and Analysis Team (GReAT.)
New digital identity management tools also help identify and authenticate users as they travel across apps, networks and cloud providers. You’ll also want to routinely scan code and applications, networked systems and connected devices for potential points of compromise, closing loopholes before they get used.
Consider investing in artificial intelligence (AI) and machine-learning tools. These establish baseline behavior for accounts and systems, meaning faster threat detection and response, and fewer false-positives.
Simple actions can also lower odds of compromise further, like adopting zero-trust security and multi-factor authentication. And you can’t go past promoting security awareness regularly among staff, with training every three to six months. Back up data offline every 24 hours and test security teams’ reaction times using exercises based on real-world cyber incidents.
Data-mapping tools that track how information flows across your business, and which users have or control access to this data, can also strengthen your cloud defenses. They help you classify and cordon off data by sensitivity level, which may also be useful in regulatory compliance.
Many clouds certainly don’t make light work, but the growth of multicloud and hybrid cloud is here to stay. For enterprises, the challenge is making sure their security is up to scratch for this complex environment. The increasing adoption of solutions that use automation and AI, and those designed for convoluted cloud settings, show many are taking heed. But no matter how many clouds or endpoints, remember your people must be the heart of your cybersecurity strategy.