Securing Your Move to the Hybrid Cloud

Infosec Insider contributor Rani Osnat is SVP Strategy at Aqua Security The combination of private and public cloud infrastructure, which most organizations are already using, poses unique security challenges. There are many reasons why organizations adopt the public cloud — from enabling rapid growth without the burden of capacity planning to leveraging flexibility and agility in delivering customer-centric services. However, this use can leave companies open to threats. The question then becomes: How can an organization maintain consistent governance, policy enforcement and controls across different clouds? And how can it ensure that it maintains its security posture when moving between them? Fortunately, there are steps professionals can take to ensure that applications are continuously secure, starting from the early stages of development and extending throughout the lifecycle. Old Security Tools No Longer Effective in the Cloud Security tools not born in the cloud are ill-equipped to protect applications running in the cloud for many reasons. First, they are incapable of coping with the considerably accelerated development cycles of cloud native applications, compared with traditional waterfall methods. Instead of releasing versions every few months, organizations that employ cloud native CI/CD are continuously integrating and deploying applications and updates, sometimes multiple times per day. This mandates an automated approach to ensuring security — one that’s…