Overcoming data security challenges in a multi-cloud environment

Sept. 8, 2023
While there’s no way of knowing what the data security landscape will look like in the future, having a better understanding of the current state of data security in multi-cloud environments, is a good place to start.

As data volumes continue to grow, multi-cloud strategies are on the rise. In fact, data shows that multi-cloud was the most commonly used deployment model in 2022, and it’s estimated that adoption will jump to 64% in the next three years.

This is unsurprising, as multi-cloud models can bring great benefits to the organizations that utilize them, including increased flexibility and scalability, resilience, enhanced disaster recovery processes, and cost efficiency. 

While companies may use these strategies for many different reasons, two of the main reasons include resilience and enhanced performance and agility:  

Resilience. Multi-cloud strategies allow organizations to be more resilient when complications or failures arise, as having data in different locations and platforms reduces the risk of a single failure point. Ever heard of the saying “don’t put all your eggs in one basket?” This certainly applies here, as any security incidents or risks to an organization’s sensitive data will likely be minimized when it isn’t all in one place. 

Enhanced performance and agility.Multi-cloud adoption enables organizations to leverage each cloud service’s unique features and capabilities and increase flexibility, scalability and overall business optimization. While the likes of Microsoft, GCP, and AWS duke it out on price arbitrage, organizations can choose providers based on who can offer the best price for their needs. This can lead to increased storage capacity or faster processing power, for example, which can help improve an organization’s overall performance and agility. 

Common multi-cloud security challenges

Despite the benefits of having a multi-cloud security strategy, it also comes with security challenges that must be addressed, especially when faced with large data volumes and complicated architectures. Based on my conversations with customers, the most common challenges include: 

●    Overwhelming sensitive data types and volumes: Ensuring the protection of sensitive data is one of the largest challenges of multi-cloud environments, as more companies utilize a collection of different cloud services to store and manage this sensitive information. On top of large volumes of this data, data types can range from personal identifiable information (PII) and financial transactions, to health information and intellectual property, and what may qualify as sensitive information frequently changes with location-based laws and regulations. For example, California’s Consumer Privacy Act (CCPA) recently introduced recent amendments to its definition of sensitive personal data.

●     Complexity: Recent research found that 85% of employees say their organizations use at least two clouds in their multi-cloud strategies, and a quarter of those respondents are using five or more. Keeping these numbers in mind, think about how each cloud service has unique security features and capabilities, and every organization using these cloud services has their own list of security needs and requirements as well. This combination can make securing multi-cloud environments incredibly complex, as teams must take into account both the requirements of the organization and the capabilities of the platform.

●     Time-consuming maintenance & monitoring: Monitoring for potential threats and proactively managing vulnerabilities and security weaknesses is key to ensuring the best multi-cloud experience. However, this process can become quite time intensive when conducted platform-by-platform, especially as the level of data and number of users increase, and increases overall security risk. And if your organization has reached the point of cloud sprawl – the uncontrolled growth of cloud usage -- call it “game-over.” 

Implementing multi-cloud data security

To address these multi-cloud challenges, there are several key factors to establishing an effective data security strategy for multi-cloud environments. First, develop a data strategy and governance framework that outlines the steps your organization should take to make sure your data remains accessible, trustworthy, secure, compliant, and confidential. 

Not only will this framework create a streamlined and efficient data workflow, but it will also help maintain both the quality and accuracy of your organization’s data. As part of this process, you should identify and prioritize the data security platform (DSP) investments in your organization. 

When selecting solutions, ensure you have coverage at different levels of the cloud: infrastructure, network, storage, and database/data warehouse, which may require multiple DSP products. It’s also critical that you manage your user identities consistently across clouds. From there, you can separate policy from compute and invest in cloud services and data security platforms that meet your company's overall needs while also accelerating business outcomes. 

These policies should focus on monitoring/preventing access to data and ensure appropriate access to each dataset by role, attribute, business purpose and data residency. With these frameworks, services, and platforms in place, organizations will have the necessary processes in place for secure and efficient data sharing across multi-cloud environments, which is key to success. 

Another important step comes from effective communication and collaboration between data and security teams. Data security is like a team sport, and having individuals from all aspects of your data and security teams be part of the process is crucial. This includes involving your CISO, who may need more tools and support to spend time on high value projects to better ensure security at scale. 

In the end, having an effective and established multi-cloud data security strategy will only become more critical as organizations continue to adopt more cloud providers and collect greater volumes of sensitive data, especially as threat actors advance. 

While there’s no way of knowing what the data security landscape will look like in the future, having a better understanding of the current state of data security in multi-cloud environments, as well as some initial steps to take to secure data across the cloud, is a good place to start.

About Steve Touw: Steve is the co-founder and CTO of Immuta, whose mission is to make the future of data secure. He is known for his data science work with US Special Operations Command and the US Intelligence Community. Steve is passionate about data and its power.