Safer in the clouds: mitigating security risks in hybrid, multi-cloud environments

IBM’s recent acquisition of Red Hat for approximately £23.5bn is part of a mission to create the world’s leading hybrid multi-cloud provider, and is reflective of a dramatic shift in the IT industry. Hybrid cloud is now a billion-pound industry that’s increasingly being recognised as one of the major growth areas of our sector. Large-scale companies have finally woken up to the benefits of a dispersed, multi-cloud architecture. And it should come as little surprise. Only hybrid cloud offers the flexibility, scalability and security that modern businesses demand.

Companies that embrace the multi-cloud-first approach need to meticulously prepare for the transition to make sure it is as seamless as possible and their approach is optimised from the get-go. When data is spread across multiple cloud environments there are naturally questions raised about security. These days data breaches are becoming increasingly public, often causing catastrophic reputational damage. How can companies mitigate this risk and ensure their data is safe from cyber-attacks?

The sun always shines above the clouds

A 2017 report from Gartner revealed that 70% of enterprises are planning multi-cloud deployments by 2019, up from 10% in 2017. While 90% of enterprises are currently using some sort of cloud service, 2019 is set to be the year that progression towards multi-cloud hits seismic levels, as companies embrace the next step in building a truly dynamic digital business infrastructure.

Because of this marked shift, global cloud spending is set to reach approximately £126 billion by the end of 2018 as companies embrace the business-critical agility, scalability and efficiency it offers. In fact, the Global Interconnection Index Vol.2, a recent market study published by Equinix, predicts that the direct interconnection between enterprises with cloud and IT providers is expected to grow at a 98% CAGR across Europe to 254 Tbps. This is largely driven by companies building out new digital services and migrating existing workloads to third party cloud platforms.

Reputational risk

Despite these promising statistics, there is still some apprehension around enterprise cloud adoption, primarily because of concerns around security. An independent survey commissioned by Equinix that surveyed over 1,200 IT professionals from across Europe, Middle East and Africa, showed that 70% of respondents still worry about security risks around cloud adoption. Indeed security was the biggest concern for IT leaders on the whole, with 45% of respondents stated that improving their organisations cybersecurity was their biggest IT priority.  

Heavily publicised, large-scale data breaches have caused uncertainty and concern worldwide. 2017 taught us painful security lessons about the potential impact of breaches to companies of all sizes, with billions of online accounts hacked and personal data for hundreds of millions of people exposed. And there are no signs of this pressure relenting. This year, international hospitality firm Marriot was the victim of a slow-moving cyber attack that lasted four years, and stole the personal data of 500 million people, including emails, names, addresses and passport numbers.  

Data breaches can cause catastrophic reputational damage for companies that are compromised. But there are measures that can be taken to negate this risk.  

A secure solution

In response to the increasing adoption of hybrid and multi-cloud environments by many organisations and the need for private, secure, globally available key management, Equinix has developed a software-as-a-service encryption and key management service called SmartKey. Companies are using SmartKey to securely host encryption keys separate from but in close proximity to the data located across networks, hybrid and multi-cloud environments. 

This protects enterprise data wherever it resides and keeps it under the enterprise’s control, while locating that data and a company’s encryption keys in proximate but separate places for better security and compliance. In doing so, SmartKey solves a variety of data sovereignty issues and puts an enterprise, not an external service provider, in control of both its data and its keys. It overcomes security challenges by making a hybrid multi-cloud future a lot more secure and a lot less complicated. Leveraging data encryption and identity key management platforms for multiple clouds through services such as SmartKey is vital to an enterprise’s data protection plans.

(Image credit: Pixelcreatures/Pixabay)

Security as standard

The digital landscape is continually evolving. Increasing regulatory compliance, the proliferation of IoT devices and massive growth in big data are adding additional layers of complexity and increase the need for a safe and secure cloud architecture. Enterprises in the interconnected era must ensure they have industry-compliant, high-performance security measures in place to minimise the impact of security breaches. The risk of cyber-attacks isn’t going away, nor is the reputational damage. Enterprises must plan for cyber-attacks diligently and comprehensively, treating them as the business-critical threat they are. Incorporating resiliency into all digital infrastructure is paramount to ensuring all private data is protected.

Sachin Sony, Senior Manager, Solution Marketing at Equinix

Sachin Sony

Sachin Sony is Senior Manager, Solution Marketing, at global interconnection and data centre company Equinix. He is a technology and marketing evangelist with over 12 years of experience in Product Management, Product Marketing.