Cyber and Operational Resilience in a Multi-Cloud Environment

At Airwalk Reply, we're seeing more of our financial services and public sector clients turn to cloud computing to manage their IT infrastructure and applications. Most of our clients have a multi-cloud environment. Often, this happens because different app teams want to use the diverse features and services offered by the leading cloud service providers (CSPs). Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP) provide a broad range of services. These can lead to various advantages like better flexibility, scalability, software-based security, and possible cost reductions, especially when managed well.

In the interest of providing balanced advice, multi-cloud environments can also introduce new challenges and complexity to cyber and operational resilience. Often, the strategy that delivers the most agility, scalability and built-in resilience is a single-cloud approach. Simply put, multi-cloud can cost more, and create resource sprawl and resource misconfiguration risks. Clients can end up managing more of the stack than they anticipated and increase their resilience risk. Therefore, unless there are significant scale requirements and/or regulatory complexity, clients should consider selecting and committing to just one cloud provider and take advantage of all that they offer, to increase business value.

‘Cyber Resilience’ is the ability of a business to protect its systems and data from cyberattacks and to recover quickly from any incidents that do occur. ‘IT Operational Resilience’ is the ability of a business to maintain its critical business operations in the face of disruptions, regardless of the cause.

In a multi-cloud environment, businesses need to consider both cyber and operational resilience when designing and managing their infrastructure. This includes:

• Securing cloud environments: Businesses need to implement robust security measures across all their cloud environments, including access control, data encryption, and intrusion detection and prevention.
• Managing cloud identities: Businesses need to have a clear understanding of who has access to their cloud environments and what they are allowed to do. They also need to have a process in place for managing cloud identities and privileges.
• Protecting cloud data: Businesses need to protect their cloud data from both unauthorised access and accidental loss or corruption. This includes implementing data encryption, data backup, and data recovery solutions.
• Monitoring cloud environments: Businesses need to monitor their cloud environments for suspicious activity and to respond quickly to any incidents that do occur.

A multi-cloud approach can help businesses to improve their cyber and operational resilience in the following ways. 

• Reduced vendor lock-in risk: By using multiple cloud providers, businesses are less reliant on any one provider. This can reduce the risk of outages and disruptions.
• Enhanced flexibility and agility: Multi-cloud environments can potentially provide businesses with more flexibility and agility in their IT infrastructure. This allows them to quickly adapt to changing business needs and scale their resources up or down as needed.
• Improved data sovereignty and compliance: By using multiple cloud providers, businesses can choose the cloud provider that best meets their data sovereignty and compliance requirements. This can be particularly important for regulated industries or when data is required to be stored in specific geographical locations.
• Increased redundancy and fault tolerance: Multi-cloud environments can potentially provide businesses with increased redundancy and fault tolerance. This can help to protect against outages and downtime, which can have a significant impact on business operations.
• Improved disaster recovery capabilities: Multi-cloud environments can potentially make it easier for businesses to recover from disasters, such as natural disasters or cyberattacks. By having data and workloads distributed across multiple clouds, organisations can more easily restore their operations after a disruption.

While a multi-cloud approach can offer several benefits, it also introduces some new challenges to cyber and operational resilience. For example:

• Increased complexity: Multi-cloud environments are more complex to manage than single-cloud environments. This can make it difficult to maintain visibility and control over security and operations.
• Skills shortage: There is a shortage of skilled cloud professionals. This can make it difficult for businesses to find the skills they need to manage multi-cloud environments effectively.
• Tool and resource sprawl: Businesses may need to use multiple tools to manage their multi-cloud environments. This can lead to tool sprawl and can make it difficult to get a holistic view of security and operations for all resources.

Here are some best practices for cyber and operational resilience in a multi-cloud environment:

• Develop a multi-cloud strategy: businesses need to develop a multi-cloud strategy that outlines their goals, objectives, and requirements with effective governance controls in place such as Landing Zones and Guardrails. This strategy should also include a process for managing cyber and operational risks.
• FinOps: Cloud ‘FinOps’, or cloud financial operations, is a discipline that helps businesses optimise their cloud spending. It does this by promoting collaboration between finance, IT, and business teams, and by providing them with the tools and insights they need to make informed decisions about their cloud investments.
• Use a Cloud Management Platform (CMP): A CMP can help businesses manage their multi-cloud environments more effectively. A CMP can provide a single pane of glass for managing security, operations, and costs across multiple cloud providers.
• Implement a multi-cloud Security Posture Management (CSPM) solution: A CSPM solution can help businesses assess and manage their cloud security posture across multiple cloud providers.
• Implement a multi-cloud Workload Protection Platform (CWPP): CWPP is the process of protecting workloads that are running in the cloud. This includes protecting the data, applications, and infrastructure that make up the workload.
• Implement a Cloud Infrastructure Entitlement Management (CIEM) and a Privileged Access Management (PAM) solution: A CIEM solution can help businesses manage cloud identities and privileges across multiple cloud providers.
• Implement a multi-cloud data protection solution: A cloud data protection solution can help businesses protect their cloud data from both unauthorised access and accidental loss or corruption.
• Monitor your cloud environments: Businesses need to store logs and monitor their cloud environments for suspicious activity and to respond quickly to any incidents that do occur with a robust investigation process.
• Utilise Infrastructure as Code; multi-cloud Infrastructure as Code (IaC) tools such as Terraform, which can provision immutable infrastructure, reduce the risk of malicious or accidental deletion or corruption of resources and data.
• Implement DevSecOps: ‘DevSecOps’ is a set of practices that integrates security into the software development lifecycle (SDLC). It is a collaborative approach that brings together developers, security professionals, and operations teams to build secure software at speed.
• Automate your security and operations tasks: Automation using Policy as Code (PaC), can help businesses to reduce the risk of human error and to improve their security and operations posture.
• Implement a Cloud Disaster Recovery Plan: Cloud Disaster Recovery (Cloud DR) is a set of strategies and services businesses can use to protect their data and applications in the cloud from disasters and other disruptions. 
• Conduct regular technical security reviews and operational risk assessments: as well as all of the above. This is where Airwalk Reply can provide practical help, with our team of dedicated cloud security architects, engineers, and consultants. Contact us to find out more. 

In summary, a multi-cloud approach can offer significant benefits to businesses, including increased agility, scalability, and cost savings. However, it is important to carefully consider the cyber and operational risks involved before implementing a multi-cloud strategy. By following the best practices outlined above, businesses can help to mitigate these risks and improve their cyber and operational resilience.

Cloud Security Services Learn more