Following these tips can improve your security visibility and standardize management across hybrid environments.

Avishai Wool, Co-Founder and CTO, AlgoSec

January 23, 2018


When it comes to embracing innovation, we are all a little cautious by nature. For example, we know electric cars are the future, but the infrastructure to fully support them isn't ready yet. So sales of hybrid gas/electric cars are booming — giving drivers the benefits of new technology combined with long-established, proven systems.

It's the same with the hybrid cloud. It offers greater agility, rapid scalability, and cost savings, as well as the promise of working seamlessly alongside organizations' current, on-premises networks. As such, it's no surprise that enterprises have embraced the hybrid cloud model. Nearly 50% of organizations we surveyed now run up to 20% of their workloads in public clouds, and another 25% use the public cloud for up to 40% of their workloads, according to our recent report, "The Hybrid Cloud Environments: The State of the Security".

Despite this, the survey reveals that enterprises still harbor significant concerns about security in public clouds, holding them back from wider adoption. Companies that are running business applications in public clouds say that their biggest worries are the risks of cyberattacks, breaches, and outages, and the complexity of managing security effectively across hybrid environments. So what's causing these cloud security concerns and challenges, and how can enterprises address them? 

Bumpy Road
Our survey shows that cloud security issues typically begin when enterprises start the process of migrating applications to public clouds: 44% of respondents say they had difficulties in managing security policies in the cloud after migration, and 30% report their applications didn't work at all post-migration. Fewer than one in five say they'd had no problems during the migration process.

This isn't surprising: migration is complex and error-prone, requiring detailed preparation if it's to be done smoothly without compromising security or compliance. 

Before starting any migration process, have a detailed map of the connectivity flows for the application that you plan to move. Making this map isn't easy. There's usually little or no documentation on existing application connectivity, and it can take weeks to gather all the information, understand the connectivity that's needed, and then migrate and update every rule and access control list for each security device to the new environment. 

It takes just one mistake in this process to cause an outage or to create security holes or compliance violations — which is why most enterprises have problems during migration.

Poor Visibility Affects Security
Even after successfully navigating problems encountered during migration, enterprises find new security challenges. Nearly two-thirds of survey respondents say the greatest obstacle they faced when trying to manage their hybrid environments was a lack of visibility into security and managing security policies consistently. Other problems were demonstrating compliance with relevant industry regulations, and managing a mix of firewalls consistently across their hybrid networks. 

A key reason for these problems is that organizations are using a range of different security controls to protect their environments: 58% of survey respondents say they used the public cloud provider's native controls, while 44% say they also use third-party firewalls deployed in their cloud environment.

This leads to fragmented security management processes: 20% of enterprises are using manual processes to manage their security devices, and 26% say they use cloud-native tools. Nearly half of enterprises are working with multiple, different security controls separately — adding complexity, duplication of effort, and management overhead to their security processes. 

How can enterprises address these challenges to make migrations and security management across hybrid cloud environments more automated and consistent? Here are the five key steps:

  1. Get clear visibility into all your networks. A lack of visibility in the cloud is the biggest security challenge cited by our survey respondents. As such, the first step is to gain visibility across not just the different environments but also across the security controls that exist both on-premises and in the cloud.

  2. Use single-console management. With organizations using a mix of their cloud providers' own security controls as well as host-based and on-premises firewalls, managing policies consistently is a huge challenge. The ability to manage all of these diverse security controls from a single console, using a single set of commands and syntax, enables security policies to be applied consistently and avoids duplication of effort and error-prone manual processes. 

  3. Automate security processes. Managing security policies consistently across their hybrid environment is the second-biggest security challenge cited in our survey. Alongside visibility, security automation is fundamental to managing a hybrid network environment efficiently, and orchestrating change processes across a complex mix of security controls. Companies that used automation benefited from speed and accuracy when managing security changes across their environments, accelerated cloud migrations, and were better able to enforce and audit regulatory compliance. It also helped these organizations overcome staffing limitations.

  4. Map apps before you migrate. To streamline the migration process, enterprises need to map all their existing applications, connectivity flows, and dependencies before the migration starts. With this set of application maps, connectivity flows in the cloud can be easily defined and all the underlying security policies can be adjusted to support the infrastructure and security devices used in the cloud.

  5. Tie cyberattacks to business processes for faster mitigation. Cyberattacks are one of the greatest concerns survey respondents cite for organizations running applications in the cloud. Policy management solutions that integrate with SIEM tools help address this challenge. Threats such as malware can be covertly active for months on enterprise networks, moving laterally from on-premises to the cloud or vice versa. When a threat is detected by the SIEM solution, a policy management solution can identify all the applications and servers it affects (or potentially affects) and map the lateral movement of the attack. A policy management solution can then mitigate the threat's risk by isolating any affected servers or devices from the network.
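To make steps 4 and 5 concrete, here is an added example (not from the article or from any AlgoSec product) that checks a proposed cloud rule set against a pre-migration application connectivity map, then uses the same map to scope which hosts and applications a flagged server can reach. All application names, addresses, and rules are constructed sample data, and the function names are hypothetical.

```python
import ipaddress
from collections import defaultdict, deque

# Constructed sample: observed on-premises flows (app, src, dst, proto, port).
FLOWS = [
    ("billing", "10.1.1.10", "10.1.2.20", "tcp", 8443),
    ("billing", "10.1.2.20", "10.1.3.30", "tcp", 5432),
    ("hr",      "10.1.1.11", "10.1.2.21", "tcp", 443),
    ("hr",      "10.1.2.21", "10.1.3.30", "tcp", 5432),
]
# Constructed sample: rules proposed for the cloud (src CIDR, dst CIDR, proto, port).
RULES = [
    ("10.1.1.0/24", "10.1.2.0/24", "tcp", 8443),
    ("10.1.2.0/24", "10.1.3.30/32", "tcp", 5432),
    ("0.0.0.0/0",   "10.1.3.0/24", "tcp", 22),
]

def rule_allows(rule, flow):
    """True if the rule permits the flow's source, destination, protocol and port."""
    src_net, dst_net, proto, port = rule
    _, src, dst, f_proto, f_port = flow
    return (proto == f_proto and port == f_port
            and ipaddress.ip_address(src) in ipaddress.ip_network(src_net)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(dst_net))

def audit(flows, rules):
    """Return (flows no rule permits, rules no mapped flow needs)."""
    missing = [f for f in flows if not any(rule_allows(r, f) for r in rules)]
    unused = [r for r in rules if not any(rule_allows(r, f) for f in flows)]
    return missing, unused

def blast_radius(flows, start):
    """Hosts reachable from `start` along mapped flows, and the apps they serve."""
    edges, apps_of = defaultdict(set), defaultdict(set)
    for app, src, dst, _, _ in flows:
        edges[src].add(dst)
        apps_of[src].add(app)
        apps_of[dst].add(app)
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in edges[queue.popleft()] - seen:
            seen.add(nxt)
            queue.append(nxt)
    return seen, set().union(*(apps_of[h] for h in seen))
```

A flow in `missing` is an outage waiting to happen after cutover, while a rule in `unused` is exposure no application needs; the shared database host is why isolating a flagged billing server also has to account for the hr application.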

These five steps to improve security visibility and standardize and automate security management across a hybrid environment will help enterprises achieve a smoother, faster, and safer hybrid cloud journey. 

About the Author(s)

Avishai Wool

Co-Founder and CTO, AlgoSec

Professor Avishai Wool co-founded AlgoSec in 2004 and has served as its CTO since its inception. Prior to co-founding AlgoSec, he co-founded Lumeta Corporation in 2000 as a spin-out of Bell Labs, and was its Chief Scientist until 2002. At Lumeta, Professor Wool was responsible for transforming the firewall analyzer technology he helped develop at Bell Labs into a commercial product. Earlier, Professor Wool was a technical staff member at Bell Labs' Secure Systems Research Department, where he led a team of researchers who created the first research prototypes for the firewall analyzer. He has published more than 110 research papers and holds 13 US patents, and has served on the program committee of the leading IEEE and ACM conferences on computer and network security. Professor Wool has a B.Sc. (Cum Laude) in Mathematics and Computer Science, and an M.Sc. and Ph.D. in Computer Science.
