Cloud needs Cloud-native development Is on-premises security still up-to-date?
Many companies are already well advanced in their cloud journey. But while more and more business applications are migrating to the cloud, this is only partially the case with security systems. However, on-premises security is only suitable to a limited extent for securing applications in the cloud.
According to a recent study by KPMG, German companies want to run more than half of their productive applications in the cloud by 2025. 31 Percent of the respondents are already pursuing a cloud-first strategy and prefer cloud technology for IT projects. But despite numerous advantages, this also brings challenges.
Create cloud gateways and secure access
An important question is, for example, how to connect on-premises systems and cloud services. Secure cloud gateways are required for this. Even with a cloud-first strategy, most companies will still be working with hybrid environments in the coming years. There will always be workloads that you prefer to keep in your own data center or that you cannot simply migrate to the cloud for technical reasons.
Another challenge is to properly secure access to the Services. Because in the cloud, a lot of things are open and accessible from the Internet. IT teams have to take care of access controls themselves – preferably with multifactor authentication (MFA), as static passwords are too insecure. Here, companies need a solution that is easy to handle for both users and the IT department.
Because the number of applications that employees use is growing continuously. As a result, administrators are confronted with an increasingly complex ecosystem of on-premises and cloud applications in which they have to manage access rights. This is complex and takes a lot of time. Users are also slowed down in their productivity when they have to deal with complicated registration procedures. The best way to solve these challenges is with a cloud-native access management platform that offers MFA, single sign-on and centralized user management.
Integrated security of cloud providers is not enough
Most companies often try to solve security requirements with on-board tools from their cloud providers. The large hyperscalers such as AWS, Microsoft Azure and Google Cloud Platform have already integrated numerous basic security functions into their cloud services. However, as a rule, they soon reach their limits. For example, Office 365 offers MFA natively. However, if suppliers are to be integrated, it quickly becomes complex. Anyone who works with many partners and suppliers is therefore better advised to use a third-party cloud-native remote access solution.
Basically, companies should always keep in mind that security is not the core business of hyperscalers. Although they try to address this area as well, they usually only offer minimalist approaches. If you want to implement high security standards, you usually need additional, specialized security solutions from third-party providers.
Advantages of cloud-native security solutions
For a long time, companies have tried to upgrade their security systems from the on-premises world to the cloud. It is often better to immediately rely on cloud-native security solutions. They are developed exclusively for the cloud and are based on microservices and containers. Solutions are quickly integrated into the software stack via API.
The solutions work platform-independent, are flexibly scalable and work together with the services of various cloud providers without any problems. The management of security solutions is also becoming easier and hardware and data center resources no longer have to be allocated. The service is quickly ready for use without further installations and can be conveniently managed via a web console.
Invitation to the CLOUD NATIVE Conference 2022
More and more companies have therefore taken the step towards DevOps or DevSecOps strategies and built their cloud application architectures. All this is done with the aim of reducing complexity; however, containers, Kubernetes and microservices alone only meet this requirement to a limited extent. If you take a closer look at the developments in the cloud-native ecosystem, the technical complexity simply shifts to other areas. Developing, deploying, managing and monitoring distributed applications brings new, but also exciting challenges.
As part of the CLOUD NATIVE Conference 2022, we will once again provide a clear view on Wednesday, July 13, in Garching near Munich. User companies, IT service providers and representatives of the cloud native developer community actively support us in this, including AllCloud, claranet, SysEleven, Cloudflight, GitLab, the Public Cloud Group, PlusServer, Datacore, veeam and Nutanix.
Registration for the CLOUD NATIVE Conference 2022
How do companies find the right provider?
The share of applications that are developed in the cloud for the cloud continues to grow. According to an IDC survey, cloud-native applications will account for almost a third (29 percent) in two years. But how should companies decide which security applications are the right ones for their needs? Often it is still new, largely unknown security services that are best suited. They are cloud-native from the ground up. That’s why companies should have newcomers on their radar beyond the established security manufacturers.
In addition, working with a Managed Security Service Provider (MSSP) can help. He continuously scans the offers on the market, tests them and can use his knowledge to advise manufacturers independently. If the provider knows both on-premises and cloud environments, he can optimally accompany his customers in their cloud transformation.
Aligning security with corporate strategy
It is advisable to rely on cloud-native security solutions for companies that are gradually striving for cloud transformation. Cloud solutions offer numerous advantages: fast integration, easy management, better scalability. In addition, they address challenges in the cloud that the basic security functions of the major cloud providers cannot fully cover.
If companies cooperate with an MSSP, the latter can act in an advisory capacity. He specializes in IT security and knows when it is worthwhile to replace existing appliances with more modern, cloud-native alternatives at the end of their term.
* The author Wolfgang Kurz is Managing Director and founder of Indevis.