Ian Moyse, Cloud Industry Thought Leader & Social Influencer
We have rapidly progressed to a more mature digitized world, where cloud computing has become commonplace. The COVID-19 global pandemic accelerated the need for remote work across the world, bringing exponential growth to common cloud applications such as video conferencing and cloud telephony. This need has also pushed business agendas forward to ‘digitally transform,’ utilizing the new delivery form factors now available. Recent reports found that only 7% of IT decision-makers say they’re equipped for digital transformation. Whilst cloud has immense flexibility, power and the ability to put businesses at the forefront of industry innovation, it has also introduced new challenges that are not immediately obvious or easily identifiable to the unacquainted.
Today, organisations are seeking to consolidate a mix of their own servers (on-premise data centres) into a more efficient and beneficial model, utilizing cloud technologies that are now mature and commonplace. Many have already conducted private cloud implementations as a step of validation for shifting further to public cloud – and now face the next stage of complexity as they migrate workloads and IT infrastructure more fully to the cloud. We are now enveloped in a far more complex transition, balancing traditional on-premise data centres with custom applications moving to the cloud. Traditional systems are built upon a different foundation, with the IT teams behind them maintaining different toolsets and skills, unaware of the risks and challenges faced in a new cloud environment.
‘A recent study of over a thousand CISOs worldwide found that IT complexity was their number one challenge’ (Source: Forrester)
As your digital transformation journey progresses, you are likely to work across hybrid and multi-cloud environments. You will find yourselves with programs across on-premise, public and private clouds – and from vendors such as AWS, Microsoft Azure and Google Cloud Platform. In fact, one of Gartner’s latest reports points to how hybrid, multi-cloud and edge environments are growing and setting the stage for new distributed cloud models in 2022. Far from consolidating and simplifying the IT landscape, cloud adoption simply changes the model to a different mix of platforms and applications. As a result, operational teams face unfamiliar challenges in this new combined architecture, and monitoring and security tools for both old and new environments expose gaps – posing dangers in today’s threat-rich world.
‘90% of enterprises have a multi-cloud strategy and 80% have a hybrid cloud strategy’ (Source: Flexera)
Digital transformation cannot be done at the flick of a switch – anyone who has started the journey has already had this realisation. Operations will have monitoring and security tools in place at the outset of the journey, designed to serve the prior architecture of workloads, which are mostly network-based. Over a long gestation period, these tools have evolved to provide a depth of monitoring of locally-based systems. In the cloud world, such tools are delivered from a variety of vendors; however, some are not as robust as their on-network cousins in terms of data vision quality. Many leave gaps in visibility of interactions happening in real-time across the network, especially when you take into consideration today’s ever-more dangerous threat landscape – which is advancing against organisations on a daily basis. With systems already in place and new tools being adopted, organizations are creating their own data streams, which need to be bridged together.
As organisations have embarked on their cloud journeys, they should have foreseen these risks, factoring in mitigation from the start. Most, however, have taken the more challenging route of modeling and addressing the issues as they occur, possibly due to two key myths that prevail:
Myth 1 – With public cloud the security is monitored, provided and owned by the vendor, and therefore is inherently secure. Public cloud is secure, but what you do within it is your problem – this is a shared responsibility model. You remain the data controller, responsible for your data shared with the provider (the data processor), and you cannot simply delegate responsibility. For example, while AWS secures the network and compute, the customer is responsible for securing the traffic and workloads.
Myth 2 – With public cloud, the performance is monitored, provided and owned by the vendor.
Many assume that the cloud vendor owns this in totality as part of the contracted offering and that as a customer, you only need to look at relevant logs. On the contrary – with the emergence of cloud, we have seen a plethora of cloud-specific monitoring tools appear, much as they did in the on-premise world. However, these tools should not be presumed to be equivalent to on-premise network and security visibility tools, as their capabilities are fundamentally different and limited – particularly at a network level. Applications are not completely siloed; they span cloud and network, and operate in a hybrid world – making what should be simple complex, if not impossible, using traditional tools. In today’s world of increasingly sophisticated threat actors, any gap in understanding is an exposure that puts an enterprise at risk.
“Having a visibility strategy is going to be key to customers having a successful hybrid implementation.” (Source: Scott Ward, Principal Solutions Architect at AWS)
So fundamentally, cloud migration brings a wealth of opportunity and potential benefit, but with risk that needs addressing. It is no use having cloud tools that do not provide visibility into network data, and network tools that do not provide visibility into cloud data – leaving you with fundamental disadvantages from the outset. It is important to address this with an end-to-end visibility fabric that provides comprehensive security, monitoring and a complete view.
This is where Gigamon is providing a way to eliminate these gaps and mitigate risk using Hawk, a system that can see into 300+ applications and tap into the likes of OpenStack, AWS, Azure, Google Cloud and more to bring a complete, deep and real-time view of data in motion. Importantly, Hawk sits alongside other cloud tools and platforms, providing the comprehensive analysis needed in today’s complex infrastructures. If you want to mitigate risk across your digital transformation journey, embedding Hawk early will aid the transition and identify risks ahead of any exposure.