Your Network and Their Cloud: Less Visibility. More Vulnerabilities.
Published 03/08/2022
This blog was originally published by Gigamon here.
Written by Mark Leary, IDC Research Director, Network Analytics and Automation.
Cloud services form a core component of a resilient digital infrastructure. Cloud-first has developed into a primary infrastructure and application strategy for a good portion of IT organizations. Makes perfect sense. Cloud services — whether IaaS, SaaS, or PaaS — deliver the flexibility, elasticity, velocity, and manageability that match the demands of the digital business model.
The result: more and more exchanges, end users, workflows, and workloads depend on cloud services. Increasingly, the end-user digital experience — the ultimate measurement of IT service quality — is also being determined primarily by public cloud services, not private systems. In many situations, measurement, monitoring, and management of the cloud has become as or even more important than operation and control over on-premises systems. Here, in-depth cloud service observability plays a lead role in delivering the most resilient, responsive, and ready network infrastructure.
Why Worry? Doesn’t the Cloud Make All Things Easier?
The advantages of a cloud-based approach are many. Unfortunately, with success comes challenges. And these challenges can expand exponentially as cloud usage climbs:
More Cloud Impact.
Cloud adoption continues to accelerate. IDC global survey results indicated that IaaS and SaaS budgets increased strongly for 2021 versus 2020. And even with these increased 2021 budgets, actual spending on IaaS and SaaS in 2021 exceeded budgets for over 40 percent of organizations. That translates to not only increased cloud service usage and dependencies, but also, almost certainly, a greater number of cloud service providers active within individual subscriber networks. This drives exponential growth in service oversight responsibilities and management requirements relating to provider-specific practices and toolsets. For each cloud service, there is a corresponding set of unique responsibilities and requirements. This is complicated further by developing multi-cloud approaches.
More Cloud Complexity.
Isn’t it ironic that a movement away from the complications of the hybrid cloud environment is being matched by a strong movement towards the more complex multi-cloud environment? The multi-cloud structure is driven by several key subscriber considerations — such as risk reduction, service quality, cost containment, and workload migration. Unfortunately, the multi-cloud approach further heightens the complexity — and costs — relating to managing, operating, protecting, and optimizing not only cloud services, but also the digital experience delivered by those cloud services. Inconsistent views and controls across multiple overlapping cloud services can severely constrain cloud and overall infrastructure observability and operations, dramatically impacting service integrity and staff productivity.
More Cloud Connections.
As cloud services take on more of a primary role in delivering the best possible (and most protected) digital experience across the resilient digital infrastructure, direct cloud connections provide for heightened efficiency and effectiveness. For example, advanced SD-WAN solutions provide for direct access to cloud services at the network edge, lessening the load on the network core and streamlining edge exchanges. Unfortunately, rising direct cloud connections make cloud-based exchanges more complicated to monitor or, worse yet, completely hidden from view. It is imperative that all cloud connections are provided consistent levels of observability — no matter where those connections are made and what those connections support.
More Cloud Threats.
While the argument for and against cloud as the most secure alternative for digital infrastructure continues to rage across the industry, one cannot deny that increased access and convergence attract more threats. While cloud service-provider security initiatives can be formidable, they are also focused on what they control. Service subscribers must continually ensure that their complete security posture is enhanced — not compromised — by their cloud service providers. Here, there must be shared responsibility for establishing and enforcing security directives and protection mechanisms. Toolsets and techniques that draw service provider and subscriber observability and security efforts closer together serve to deliver the strongest security posture.
More Cloud Discontinuity.
Cloud service providers often serve as leading-edge examples in such technology areas as operational automation and resource optimization. Some of this leading technology is made available to subscribers through online services or tools. Much, however, is not. This creates a gap between what the cloud service provider can view and control and what the subscriber can view and control. This gap complicates and constrains cloud service observability — and the management of digital exchanges and experiences dependent on cloud services. And the gap widens dramatically when the IT organization is faced with monitoring and managing a multi-cloud environment.
Measuring, monitoring, and managing cloud services as a core (or even primary) component of a resilient and ever-ready digital infrastructure poses a greater challenge with each passing business/IT requirement and cloud services contract. In-depth cloud services observability and inclusive end-to-end systems and services visibility and control are paramount for the success of IT organizations looking to deliver a consistent and predictable digital experience, the most efficient use of networking and networked resources, and the most failsafe and secure systems, services, and exchanges.
How do you ensure cloud services deliver on their full potential within your networked infrastructure? How do you ensure cloud service providers work with and for you in managing your networked environment? How do your cloud services heighten — not hinder — your in-depth and end-to-end observability capabilities? How do you ensure that your IT staff and management toolsets work effectively in a cloud-first networked world? Look for Parts 2 and 3 of this blog series on Networking the Cloud for answers to these thought-provoking questions.
Related Articles:
AI-Enhanced Penetration Testing: Redefining Red Team Operations
Published: 12/06/2024
What 2024’s SaaS Breaches Mean for 2025 Cybersecurity
Published: 12/03/2024
AI in Cybersecurity - The Double-Edged Sword
Published: 11/27/2024