As governments move from private data centers to multi-cloud environments, they face a number of considerations. Security considerations for multi-cloud environments abound. Cloud-hosted infrastructure brings the potential of risky configurations, new network threats, data exposure or exfiltration, host-based vulnerabilities, and malware. Traditional security tools centered around static environments and known network infrastructures begin to fail in dynamic cloud environments. Traditional tools may be unable to keep up with IP address changes, swift scaling of environments, and new compliance and governance frameworks specific to cloud environments. Financial considerations are also important. Governments need a robust cloud visibility toolset to effectively budget, plan, and provide visibility into the fiscal oversight of a multi-cloud distributed billing model.
Read this paper for some strategies, insights and best practices for reducing risk in multi-cloud environments. Topics covered include:
- Dynamic resource discovery
- Cloud compliance and governance, including NIST SP 800-53 and NIST SP 800-190
- Cloud configurations
- Cloud visibility implementation
- Zero Trust design considerations