Ian MoyseAs we’ve rapidly progressed to a more mature digitized world, cloud computing has become commonplace. The COVID-19 global pandemic accelerated the need for remote work, bringing exponential growth to common cloud applications like video conferencing and cloud telephony. This has also pushed businesses to “digitally transform,” using the new delivery form factors now available.
Recent reports found that only 7 percent of IT decision-makers say they’re equipped for digital transformation.1 While cloud has immense flexibility, power, and ability to put businesses at the forefront of industry innovation, it has also introduced challenges that are not obvious or easily identifiable to the unacquainted.
Today, organizations are seeking to consolidate a mix of their own servers (on-premises datacenters) into a more efficient and beneficial model, utilizing cloud technologies that are now mature and commonplace. Many have already conducted private cloud implementations as a step of validation for shifting further to public cloud — and now face the next stage of complexity as they migrate workloads and IT infrastructure more fully to the cloud.
We are now enveloped in a far more complex transition, balancing traditional on-premises datacenters with custom applications moving to the cloud. Traditional systems are built on a different foundation, with coinciding IT teams maintaining different toolsets and skills —unaware of the risks and challenges in a new cloud environment.
A recent study of over a thousand CISOs worldwide found that IT complexity was their number one challenge. (Source: Forrester)
As your digital transformation journey progresses, you are likely to work across hybrid and multi-cloud environments. You will find yourself with programs across on-premises, public, and private clouds, from vendors such as AWS, Microsoft Azure, and Google Cloud Platform. In fact, one of Gartner’s latest reports points to how hybrid, multi-cloud, and edge environments are growing and setting the stage for new distributed cloud models in 2022.2
Far from consolidating and simplifying the IT landscape, cloud adoption simply changes the model to a different mix of platforms and applications. As a result, operational teams face unfamiliar challenges in this new combined architecture, and monitoring and security tools for both old and new environments expose gaps, posing dangers in today’s threat-rich world.
92 percent of enterprises have a multi-cloud strategy and 80 percent have a hybrid cloud strategy.3 (Source: Flexera)
Digital transformation can’t be done with the flick of a switch — anyone who has started the journey has already had this realization. Operations will have monitoring and security tools in place at the outset of the journey, designed to serve the prior architecture of workloads which are mostly network-based. These tools have evolved to provide a depth of monitoring of locally based systems.
In the cloud world, such tools are delivered from a variety of vendors; however, some are not as robust as their on-network cousins in terms of data vision quality. Many leave gaps in visibility of interactions happening in real time across the network, especially when you take into consideration today’s ever-more dangerous threat landscape — which advances against organizations on a daily basis. With systems already in place and new tools being adopted, organizations are creating their own data streams, which need to be bridged together.
As organizations have embarked on their cloud journeys, they should have foreseen these risks, factoring in mitigation from the start. Most, however, have taken the more challenging route of modeling and addressing the issues as they occur, possibly due to two key myths that prevail:
Myth 1 – With public cloud the security is monitored, provided, and owned by the vendor, and therefore is inherently secure.
Public cloud is secure, but what you do within it is your problem — this is a shared responsibility model. You remain the data controller, responsible for your data shared with the provider (the data processor), and you can’t simply delegate responsibility. For example, while AWS secures the network and compute, the customer is responsible for securing the traffic and workloads.
Myth 2 – With public cloud, the performance is monitored, provided, and owned by the vendor.
Many assume that the cloud vendor owns this in totality as part of the contracted offering and that as a customer, you only need to look at relevant logs. On the contrary — with the emergence of cloud, we have seen a plethora of cloud-specific monitoring tools appear, much as they did in the on-premises world.
However, these tools should not be presumed to be equivalent to on-premises network and security visibility tools, as their capabilities are fundamentally different and limited, particularly at a network level. Applications are not completely siloed; they span cloud and network, and operate in a hybrid world, making what should be simple complex — if not impossible — using traditional tools. In today’s world of increasingly sophisticated threat actors, any gap of understanding is an exposure that puts an enterprise at risk.
“Having a visibility strategy is going to be key to customers having a successful hybrid implementation.” – Scott Ward, Principal Solutions Architect at AWS
It’s no use having cloud tools that don’t provide visibility into network data and network tools that don’t provide visibility into cloud data, leaving you with fundamental disadvantages from the outset. It’s important to address this with an end-to-end visibility fabric that provides comprehensive security, monitoring, and a complete view.
This is where Gigamon is providing a way to eliminate these gaps and mitigate risk using Hawk: a system that can see into 300+ applications and tap into OpenStack, AWS, Azure, Google Cloud, and more to bring a complete, deep, and real-time view of data in motion.
Importantly, Hawk sits alongside other cloud tools and platforms, providing the needed comprehensive analysis in today’s complex infrastructures. If you want to mitigate risk across your digital transformation journey, embedding Hawk early will aid the transition and identify risks ahead of any exposure.
Featured Webinars
Hear from our experts on the latest trends and best practices to optimize your network visibility and analysis.
CONTINUE THE DISCUSSION
People are talking about this in the Gigamon Community’s Hybrid/Public Cloud group.
Share your thoughts today
References
- “Are Executives Wearing Rose-Colored Glasses Around Digital Transformation?” Cyara, 2021. https://info.cyara.com/digital-transformation-report-2021.
- “Gartner Says Four Trends Are Shaping the Future of Public Cloud.” Press Release. Gartner, August 2, 2021. https://www.gartner.com/en/newsroom/press-releases/2021-08-02-gartner-says-four-trends-are-shaping-the-future-of-public-cloud.
- “Flexera Releases 2021 State of the Cloud Report.” Press Release. Flexera, March 9, 2021. https://www.flexera.com/about-us/press-center/flexera-releases-2021-state-of-the-cloud-report.html.
