Sergio Loureiro – CEO Seclud IT: 7 tips to continuously monitor an hybrid Cloud
December 2017 by Sergio Loureiro, CEO of SecludIT
Las Vegas AWS re:Invent 2017 conferences have highlighted, like the previous years, the Cloud in all its forms. More than 450 american researchers have agreed that multi-cloud infrastructures will be the standard by 2019. Indeed, 69% of the respondents to an AWS survey wish to set up a hybrid infrastructure by then (combination of Private and Public Cloud). But security is still seen as an obstacle for many companies. Chris J. Preimesberger, a journalist at eWeek, is laying the foundation stone to better understand these complex infrastructures. We chose to reinforce it with 7 tips to migrate to the cloud and monitor its hybrid infrastructure.
Tip n°1 : Know and understand your IaaS provider security policy
Each Cloud provider must secure physically the access to your data, secure your databases, networks, storage, calculations... But the company have also its share of responsibility, especially to configure its operating system, network or firewall. Like the data and Cloud Workloads management is the responsibility of the customer. He has to equip himself to avoid breaches from his part.
Tip n°2 : Monitor critical applications and be alerted
After migrating to the cloud, companies must segment their infrastructure into sub-networks to separate and better protect critical resources. A more rigorous security policy is mandatory for the most valuable assets. So, a cyber-attack will not be able to touch all the data and this will allow the administrator to stop it more quickly.
An alert system is always necessary for a better reactivity.
Tip n°3 : Improve the Cloud resources visibility
Having a complete visibility of the Cloud resources as well as its applications performances is essential to operate quickly. Some solutions include evaluations of the performance of applications, operating systems, and devices. The security + : One of the main plagues on the cloud is the IT Shadow phenomenon. Since it is very easy to deploy cloud servers and services, the CSO/CISO lose visibility on their IT equipment. So servers are vulnerable while the administrator does not even know it exists. You have to automate assets detection to get a strict inventory.
Tip n°4 : Turn towards continuous Cloud monitoring
Continuous monitoring of its assets is an obligation for any company that has migrated to the cloud. The flexibility and speed of deployments imply surveillance industrialization. In a context where data has never been so valuable, businesses need to know their level of security in real time. Continuous monitoring of the entire environment is a "must have" and frees up time for the IT team by automating this process.
Tip n°5 : Study histories to predict the future
It is essential to closely monitor its network activity to predict changes in its infrastructure, remain agile, anticipate potential misconfiguration and optimize future investments. Reports with precise indicators will facilitate monitoring of the risk level to better understand its weaknesses. It is important to build on solid foundations.
Tip n°6 : Choose solutions deploying themselves quickly and automatically
When migrating to the cloud, businesses can be slowed down by certain parameters to configure especially if the environment is hybrid. To avoid production delays, companies have a strong interest to choose a solution that interfaces quickly and automatically with their computer equipment. SaaS solutions in particular require less configuration and maintenance than those to install on the infrastructure. They will be all the more quickly initiate.
Tip n°7 : Use an unique tool for a better performance utiliser
Companies must choose solutions that adapt to changes in their infrastructure, including multi-cloud environments. SaaS solutions (again) meet this need. The chosen monitoring solution will have to alert, display and disseminate data from all environments in a single interface.
The security + : For a hybrid environment, a solution able to manage multiple Clouds must be chosen. It will avoid investing in a new solution due to a change of cloud provider.
By betting on the Cloud, companies are looking for savings and productivity gains. To do so, they must optimize their migration by limiting the potential impacts on the activity. The multi-Cloud is becoming widespread and its complex management and protection are major issues. Moreover, security solutions are becoming more flexible and make it easier to manage the hybrid infrastructure security. So, There is no reason not to monitor continuously your Cloud infrastructure.