Strategies for Securing Complex Cloud Environments

Cloud Environments
Author: ISACA
Date Published: 28 September 2020

Cloud services are commonly used for data storage, meeting operational needs and running applications. Changing to cloud services enables organizations to create new environments when needed and retire them if business needs shift. Throughout the past decade, as enterprises moved to adopt cloud storage, most purchased cloud services from multiple providers, a practice known as “multicloud,” which can pose unique challenges to information security such as:

  • If multicloud is adopted without making a security-first approach, the resulting cloud usage will be insufficient.
  • If cloud services are purchased without input from the IT organization, IT will not have any leverage with the service provider to negotiate security and assurance controls.
  • Exclusively private and exclusively public cloud strategies are diminishing, which suggests that environments are shifting naturally toward multicloud adoption over time.

To further explore these consequences, ISACA® has released the Managing Security Impacts in a Multicloud Environment white paper that explains the benefits of using multiple cloud providers, what security challenges might occur as a result and how to create an effective enterprise multicloud security strategy.

Learn more about the consequences of using multiple cloud service providers by reading Managing Security Impacts in a Multicloud Environment, available on the ISACA website.