Developing a Holistic Approach to Multicloud Security

by Vimesh Patel and Maafu Shabaz for NextGov

As federal agencies continue to move applications and workloads to multicloud domains, security will have to keep up with the demands of these sprawling environments, especially with the increase in cyberattacks that are more sophisticated, targeted and widespread.

Multicloud environments add more complexity to federal networks that now extend beyond their boundaries to accommodate the needs of a mobile and remote workforce, as well as connect to a host of mobile devices and sensors. As data moves through more access points, the attack surface that hackers can exploit expands.

To be effective, a multicloud security strategy needs to be holistic, providing end-to-end protection that gives agencies visibility across hosts and services.

Undeniable Benefits

The benefits of a multicloud strategy are undeniable. Multiple deployment modes in any combination—including public clouds, private clouds and colocation facilities—allow agencies to put the right data and workload at the right place and at the right time.

By using different public cloud providers such as Amazon Web Services, Google Cloud Platform or Microsoft Azure, agencies can match the workloads with the right cloud platform based on their unique requirements for performance, data location, scalability and compliance. Multicloud offers customizable flexibility, allowing an agency to choose the best of each cloud type for their needs at a given time. However, those benefits come with increased complexity, including the need to secure and monitor disparate systems running workloads and hosting data.

True Multicloud? Not Yet …

Agencies are using all types of cloud environments—infrastructure-as-a-service, software-as-a-service, platform-as-a-service—and there is a need for management capabilities across all those ecosystems.