Hybrid Security: How to Protect a Complex Environment

It is very clear by now that the cloud has reached an inflection point. Public cloud investment continues its rapid expansion, driven in large part by business imperatives for speed and scale. Gartner projects 18% cloud growth in 2017, with an increase of 36.8% for IaaS. So, the odds are your company is running at least some of its infrastructure in the public cloud.

Of course, no matter how many benefits it offers, it is often not possible for organizations to make a clean leap to the cloud. Many find themselves with infrastructures that include cloud, multi-cloud, hybrid, on-premise, and containerized environments. So what do you need to do to protect these complex structures?

We recently conducted a survey with ESG Strategy Group (Threat Stack Cloud Security Report 2017: Security at Speed & Scale) to learn more about the realities of hybrid environments today. Below are some of our findings as well as recommendations on how to secure your environment, no matter what it consists of.

You’re Not Alone

The use of hybrid environments is on the rise, as evidenced by our survey. Of our respondents, 12% currently have hybrid environments, while 28% said that they will have hybrid environments within the next year. Together, this represents an increase of more than 200% year-over-year. If your organization is also running a hybrid environment, you probably realize that it adds a whole new layer of complexity to the already-complicated question of how to keep your data, applications, and infrastructure secure.

As more environments become hybrid, and containers experience tremendous growth over the next year, security professionals need to learn how to cope with a set of native controls across a wide range of products, plus necessary third-party tools to fill compliance and security gaps. This is further complicated by the need to address customer-driven regulatory requirements and internal security needs. At a certain point, managing the increasing level of complexity becomes extremely difficult — something we saw reflected in the findings of this report.

However, it is far from impossible. You just need to understand what to prioritize and how to go about selecting tools that will mold well to your hybrid environment.

How to Secure a Hybrid Environment

The good news is there’s no need to give up security — or visibility — just because some of your resources are on-prem, while others are in the cloud.

Cloud environments provide a lot more visibility and flexibility from a technical security perspective, but you can attain the same level of visibility in your on-prem environment to gain consistency across your hybrid environment. As far as we’re concerned, it doesn’t matter what operating system you’re running. You still need to have security and peace of mind. If hybrid is your reality today, strong security is still well within reach. Here’s what it takes.

Attaining Hybrid Visibility

To achieve security (and compliance), you need visibility, regardless of where your data resides. Visibility is the only way to make sure you know when a security event takes place so you can remediate it as quickly as possible.

We built Threat Stack specifically to offer this level of visibility, regardless of the environment. Our intrusion detection platform (IDP) works the same way whether you are all-cloud, all-on-prem, or hybrid, because it gathers security data at the kernel level (the deepest source).

Choose Your Weapons Wisely

Beyond prioritizing visibility in a security solution, you should seek solutions that are specifically built to work with a hybrid environment. If your company is operating in a mixed environment, the solution you choose should as well. Many solutions say they support cloud, for example, but are unable to support any hybrid or on-premise setups. This can prove challenging if you are either transitioning to the cloud or are operating both on-prem and in the cloud. To cover all your environments, and for ease of management, the best option is to find a solution that supports multiple environments in a single console. Intrusion detection platforms such as Threat Stack are designed with this in mind. Threat Stack offers a single place to monitor cloud, hybrid cloud, multi-cloud, and containerized environments, employing an approach that combines a multitude of detection techniques, and then automatically correlates events to determine whether behaviors are risky or not.

Threat Stack’s Approach to Hybrid Security

To give further guidance, we have included the following information about Threat Stack’s intrusion detection platform (IDP), which provides visibility regardless of whether you are all in the cloud, on-prem, or hybrid.

Rather than adopt multiple point solutions that may not cover all key security requirements and can be difficult to manage, we believe organizations should be moving toward the adoption of a comprehensive host-based intrusion detection platform that is supported by multiple security technologies, including software vulnerability detection, cloud configuration auditing, threat intelligence, and file integrity monitoring capabilities.

Unlike traditional intrusion detection systems that rely on the presence of a defined perimeter, we recommend a platform that is purpose-built for the unique challenges of the cloud and:

  • Supports multiple types of complex environments: cloud, hybrid-cloud, multi-cloud, on-premise, and containers
  • Supports multiple types of detection: behavior on the host, cloud configuration auditing, vulnerabilities, file integrity monitoring, and threat intelligence
  • Supports multiple types and points of attack: external or internal threats, and different stages during an attack
  • Alerts users to anomalous behavior in one location in real time, enabling an immediate response if required
  • Supports continuous compliance for major standards such as PCI, HIPAA, SOC 2, etc.

Final Words . . .

With the right approach and tools, it is entirely possible to operate a complex environment that is protected against today’s threats and enables business to operate at speed and scale.

For more information, feel free to download the full Threat Stack / ESG report: Threat Stack Cloud Security Report 2017: Security at Speed & Scale.
