Hybrid IT adoption continues to gain momentum, with 81 percent of organizations in a recent ScienceLogic study reporting they are mixing on-premises infrastructure with resources from multiple public and private cloud providers. On average, organizations are using five separate cloud platforms.
There are solid business reasons for using multiple clouds. Besides avoiding provider lock-in, the multi-cloud approach enables organizations to select the service that best meets the requirements of an application or workload. It also reduces the risk of downtime through redundancy and enables cost optimization through competitive pricing.
However, securing multiple clouds can be challenging due to a lack of visibility. It is very difficult to monitor what’s happening across multiple hosts in order to manage risk factors and maintain consistent security policies. A Digital Shadows study reports that more than 2 billion files are exposed publicly online due to cloud configuration errors.
To protect fragmented cloud environments, organizations tend to deploy more and more security tools. However, this also increases the amount of security data they must review and investigate. Many of these tools require data to be collected and transferred to a separate server for analysis, a time-consuming and potentially risky process.
Integrating and monitoring multiple security access controls and monitoring tools is another challenge, typically requiring security teams to manually correlate data from multiple tools. In a recent SANS Institute report, more than half of security teams surveyed said they struggle to integrate data with disparate security and analytics tools and combine that data across their cloud environments to spot advanced threats.
An innovative new cloud security platform from IBM is designed to improve security integration across hybrid multi-cloud environments. Introduced last fall, IBM’s Cloud Pak For Security connects with any security tool, cloud or on-premises system — enabling data to be scanned and analyzed for threats and vulnerabilities without moving it from its original source.
Cloud Pak for Security delivers these three key capabilities:
- Run anywhere, connect openly. Cloud Pak for Security is comprised of containerized software pre-integrated with Red Hat OpenShift, the industry’s most comprehensive enterprise Kubernetes platform. The platform connects to your existing security tools and uses open standards to enable you to search for threat indicators across multiple clouds.
- Gain insights without moving data. Cloud Pak for Security smoothly connects to data sources where they reside, detecting hidden threats using an open-source technology called STIX-Shifter. Instead of manually searching for threat indicators such as malware signatures and malicious IP addresses within each individual environment, this technology allows you to run a single query to search across all security tools, data sources and clouds.
- Respond to security incidents faster with automation. According to IBM Security estimates, security teams investigate roughly 200,000 potential security events per day and coordinate responses across dozens of tools. Cloud Pak for Security allows clients to orchestrate and automate their response to hundreds of common security scenarios, guiding users through the process and providing quick access to security data and tools. IBM’s Security Orchestration, Automation and Response capability integrates with Red Hat Ansible for additional automation.
Cloud Pak for Security can adapt and scale as organizations continue adding new cloud deployments and migrations. This allow you to bring sensitive and mission-critical workloads into the cloud while maintaining visibility and control from within a centralized security platform. Give us a call to learn more about boosting security in your hybrid multi-cloud environment.