Cloud has become an integral part of an organisation’s data and application hosting and management is no news. It’s not a single cloud that organisations are subscribing to, it is a multi-cloud infrastructure that’s gaining popularity to make the best use of features offered by different cloud platforms.
As it adds value to an organisation’s IT and digital offerings by bringing functionalities like flexibility, agility and dependability, a multi-cloud environment can pose certain security challenges too.
“Among the key challenges is the absence of clear visibility and effective control on data spanning over multiple cloud platforms, which can potentially result in data breaches, insider threats, and compliance violations,” Shrikant Navelkar, Director of Clover Infotech, said.
“The existence of distinct security protocols and configurations for each cloud platform can add difficulties to the maintenance of a consistent security posture,” he said.
Organisations need to adopt a well-structured approach to get a clear visibility of data flow and interplay of various applications to counter these challenges. An effective strategy should include deployment of encryption techniques, management of access permissions, continuous monitoring and auditing, and regularly updating security measures to stay resilient against ever-evolving threats.
Marking the Cybersecurity Awareness Month this October, Navelkar has come out with a five-step strategy to ensure foolproof data security in a multi-cloud environment.
- Also read: Dabur becomes cloud-only enterprise
Data security management
He said that he wanted the organisations to establish a centralised data security management mechanism in order to put in place a robust security stance across various cloud environments.
“This centralised approach allows organisations to enforce uniform security policies and access controls across all cloud platforms. Besides, it facilitates swift detection and response to security incidents,” he pointed out.
Confidential computing
He said that he asked the organisations to encrypt all the data that is in transit and in storage within cloud environments.
“It is a formidable protective measure, ensuring that unauthorised interception or access does not compromise the data’s confidentiality or utility,” he said.
“However, data encryption can pose challenges, particularly concerning the data that is in use by applications, which is typically left unencrypted. Confidential computing offers a solution for securing data while it’s actively used,” he pointed out.
“It achieves this by isolating and fortifying the CPU and memory resources employed by code and data from the potential risks posed by compromised software, operating systems, or other Virtual Machines (VMs) co-existing on the same server,” he said.
Backup data
One of the best cybersecurity strategies for a healthy multi-cloud environment is to have a comprehensive backup and disaster recovery plan. “It is indispensable,” he said. “This plan should include routine backups of pivotal data, as well as a well-defined procedure for data restoration in the event of a disaster or security breach.”
Continuous monitoring
Navelkar said that he wanted organisations to regularly go for routine assessments and vigilant monitoring of the security posture. “It helps in the identification and mitigation of potential security vulnerabilities,” he added. “The assessments should include recurring vulnerability scans and penetration testing to detect and resolve security infrastructure weaknesses, if any.”
Zero trust
One of the basic and very important shields to secure IT infrastructure is zero trust (trust no one). This, he said, holds good for a multi-cloud environment too. This implies that users are granted access solely for their designated roles, following a meticulous process of identity verification.
