Fortinet: Keeping cloud platforms secure across the board
Article by Josh Alcock, Principal Engineer and Cyber Security Strategist, Fortinet New Zealand
Multi-cloud networks are the new normal for New Zealand enterprises.
Applications, data and networks can be and are hosted anywhere and everywhere.
And why not?
Cloud-based services are easier to manage and maintain, require less upfront investment and can be added or removed quickly and easily.
And if you are adopting a managed service approach to multi-cloud networks, you don’t even need a large IT team.
The only fly in the ointment is security.
The more cloud services in an organisation, the larger the attack surface.
And that’s authorised cloud services.
Shadow IT – cloud applications that store corporate data unbeknownst to IT – not only increase risk but can actually violate data privacy laws.
In short, multi-cloud networks deliver real benefits but also deliver increased risk.
Your challenge is to retain the benefits whilst reducing that risk.
Three essential best practices
Three essential best practices will help you reduce the security risks inherent in multi-cloud networks:
- A unified set of security capabilities that can be applied consistently across all cloud platforms, resulting in a single, holistic security framework.
- Native integration of each security solution into each cloud platform for maximum flexibility and the assurance of consistent behaviour across each environment.
- A single layer of consistent management and automation that spans the distributed network, ensuring that policy can be orchestrated across the entire decentralised and heterogeneous cloud environment.
Central to these practices is the establishment of visibility and control to facilitate operational efficiency, streamline management and identify, isolate and mitigate any security breaches.
Matching security services to the cloud services
Multi-cloud networks take many forms.
The challenge is to match consistent security services with each and every cloud service.
A unified security service – such as Fortinet’s Security Fabric - provides visibility into cloud activity, consistent security policies regardless of cloud service and tools to ensure those security policies are enforced.
To be effective, security services have to flexible and adaptable enough so that they can be deployed on premises (firewalls and switches), at remote offices using secure SD-WAN, in web applications (web application firewalls) and in embedded into Infrastructure-as-a-Service (IaaS) deployments at the workload level, the network level and the API level.
Ditto the cloud.
You should be able to deploy cloud security services from a centralised hub that shares consistent policies – and visibility and control – across individual cloud deployments.
With shared policies, visibility and control, you can manage your entire cloud security ecosystem from a single pane-of-glass dashboard.
Managed cloud security services
Multi-cloud networks are in a state of constant flux.
No matter how flexible or adaptable your security ecosystem is, it still takes a lot of time and resource to keep it current.
One way to keep up is by deploying managed security services – with shared policies, full visibility and integrated control – on an ad hoc, DEV/OPS or pilot basis in concert with new cloud-based services.
This provides a safe environment for digital transformation.
Fortinet’s entire Security Fabric is available in New Zealand from a growing network of visionary managed security services providers.
Multiple clouds require unified security.
The more clouds, the more essential centralised security management becomes. Visibility at the granular level.
Consistent security policies. Enforcement capabilities. Physical and virtual form factors. Cloud-based or as-a-service deployment.
Multiple clouds are the model of choice for today’s distributed enterprises.
Unified security for each cloud deployment is rapidly becoming the model of choice for distributed enterprises to reduce risk, streamline operations and ensure maximum performance.
About the author
Josh Alcock is Fortinet New Zealand’s Principal Engineer and Cyber Security Strategist. As such, it is his business to know what’s happening in the cybersecurity world and help enterprises secure their transitional networks without sacrificing speed, functionality or control.
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organisations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 375,000 customers trust Fortinet to protect their businesses. Learn more at the Fortinet website, the Fortinet Blog, or FortiGuard Labs.
Fortinet Security Insights is a series of hard-hitting discussions of trends in the cybersecurity world, how they will affect your enterprise and what you should be doing to prepare for digital transformation.