https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Cloud


Multicloud

3 Ways Multi-Cloud Means Multi-Attack Vectors

  • Written by Jon Bove
  • March 15, 2018
Customers like to spread their cloud usage around, for good reason. But more data stores also translate into more ways for criminals to get in.

Cloud adoption is on a steady upward march. It’s not uncommon to hear that laggard organizations, even those that are highly regulated and historically slow to adopt new tech, are leveraging SaaS applications or a private cloud. But one thing that has surprised some pundits: As digital transformation pushes CIOs forward, your customers are not moving workflows to a single massive public cloud. They’re hedging, spreading workloads across several cloud environments. RightScale’s latest State of the Cloud Survey reports that 85 percent of enterprises currently use a multicloud strategy. As to the mix, IDC predicts that public cloud will account for almost 32 percent of all IT infrastructure spending in 2020, while private cloud will represent a little less than 20 percent. 

This spreading of the wealth isn’t just about digital diversity. A multicloud architecture provides benefits beyond the advantages that are generally attributed to the cloud, such as accessibility, scalability and lower upfront costs. Multicloud allows organizations to benefit from a wide range of features, mitigates challenges posed by certain license restrictions and potentially offers greater cost flexibility.

For these, along with a number of industry-specific reasons, multicloud environments make sense; however, they also pose their own security challenges that must be addressed, because adopting cloud environments for improved efficiency at the sacrifice of security is not an option.

As your customers continue to innovate, here are several risks they should be aware of, along with strategies for how to mitigate them. 

  1. Increased attack surface: This is a problem when deploying almost any new technology. Allowing increased access to network resources and stored data across distributed environments through things like connected devices and applications also makes assets more accessible to cybercriminals. That’s because they are more likely to find an exploitable vulnerability somewhere along the extended attack chain.
  2. IoT devices: Your customers are increasingly connecting IoT devices to their networks, whether for business-critical reasons or as the result of bring-your-own-device (BYOD) policies. Many of these devices are not designed with strong security features and can be easily compromised. Moreover, it is nearly impossible to ensure that each of these devices, or the applications running on them, are secure. As a result, IoT has become a common attack vector for cybercriminals who, if successful, can leverage that entryway to access the cloud platform.
  3. Decreased visibility: Cloud environments often create diminished visibility into device use, data storage and movement, and applications and workflows. This challenge is amplified in multicloud environments, as IT security teams are required to monitor multiple, non-integrated portals. The lack of visibility and integration across these systems, resulting in the need to manually correlate threat intelligence, makes it more difficult to spot threat trends across their various environments.

Cloud providers have ensured that there are security controls in place to guard their infrastructures — things such as encryption, DDoS prevention, access management, penetration testing and intrusion prevention. However, these tools don’t provide the sort of deep contextual security that today’s networks require, which means organizations shouldn’t rely on these alone. While cloud providers aim to ensure data remains secure, the ultimate responsibility to keep sensitive data safe falls on your customers and, should there be a data breach, it is their reputation that will be damaged.

Cybercriminals have taken notice of the growing use of multicloud, which is why, in addition to the common cloud-security risks listed above, there is a constant influx of new, sophisticated malware that specifically targets the cloud. Cybercriminals are propagating malware through endpoints and phishing emails, as well as exploiting the trust your customers have in their SaaS applications. As a result, when an employee clicks a malicious link or connects a compromised device to the network, this access can be leveraged to infect the greater cloud network with malware, which far too often today turns out to be ransomware. These attacks can also be especially effective because, as SaaS applications are approved, it makes it easier for compromised instances to slip past security.

Additionally, as my company, Fortinet’s, recent threat landscape predictions note, it is likely that cloud-service providers themselves will be the next major ransomware targets. Should one service provider be infiltrated, they will have access to the data of countless businesses.

Securing Multicloud

As your customers adopt multicloud environments, they need your help to ensure they have all necessary security controls in one place – not just those implemented by the service provider – with optimal levels of visibility and integration.

For multicloud security to be effective, it must also be integrated, allowing clear visibility and communication across platforms. Additionally, it must be dynamic and flexible, able to stretch alongside cloud environments as they expand. Finally, cloud-security controls should employ segmentation and give your customers the ability to stretch their own security policies into their cloud environments. 

An interwoven security fabric approach removes the risks associated with the multicloud, allowing your customers to embrace digital transformation without sacrificing security. This approach integrates security across each cloud platform and then ties everything together into a unified and centralized control point, bringing visibility and intelligence back to your distributed network. This architectural approach allows cloud defenses, application defenses and endpoint defenses to communicate, ensuring the fastest threat detection and response times. Furthermore, a security fabric incorporates CASBs, which allow your customers to extend their own security policies into the cloud. This is especially important to customers in highly regulated industries, such as finance and health care.

Multicloud is actively being adopted by many of your customers for the cost, flexibility and scalability benefits; however, it can decrease visibility while broadening the attack surface. To protect data, customers must look beyond the basic built-in security features provided by cloud providers and work with partners to incorporate integrated and automated controls that can span the entire distributed network environment.

Jon Bove is the vice president of Americas channels at Fortinet. In this capacity, Bove and his team are responsible for strategizing, promoting and driving the channel sales strategy for partners in the United States as it seeks to help them build successful – and profitable – security practices. A 17-year veteran of the technology industry, Bove has held progressively responsible sales, sales-leadership and channel-leadership positions. During his time at Fortinet, he has been responsible for establishing Fortinet’s national partner program and aligning Fortinet’s regional partner strategy to allow partners to develop Fortinet security practices with the tools and programs to successfully grow their businesses.

Tags: Cloud Service Providers Digital Service Providers MSPs VARs/SIs Cloud Digital Transformation IoT Mobility Security Specialty Practices Technologies

Related


  • CP-Expo-Logo-1050x618 web
    Channel Partners Virtual Wraps — See You In Person at CP Expo Homecoming
    So long, Channel Partners Virtual. But what a week it was. Now, our live event is on tap.
  • Growth
    Auth0 Acquisition to Power Okta's Growth in Massive Identity Market
    Together, Okta and Auth0 address a broad set of identity use cases.
  • Integration gears
    Microsoft Integrates Dynamics 365 and Teams, Reveals New Features
    CEO Satya Nadella described Teams as the “organizing layer” for all work in an Ignite keynote.
  • Digital handshake
    Clearlake, TA Associates Buy Precisely in $3.5 Billion Deal
    Precisely's partners are crucial to the company and its growth.

One comment

  1. Avatar IT Support March 16, 2018 @ 9:28 am
    Reply

    Great Content…Thankshttps:/
    Great Content…Thankshttps://dataquest.com.au/

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • KnowBe4 to Buy MediaPro, Beef Up Privacy, Compliance Training
  • Pluribus Networks Launches Expanded, Simplified Partner Program
  • Full-Stack ICT Supply Chain Ownership Becoming a Thing of the Past
  • Thycotic-Centrify Merger Poses Potential Threat to PAM Leader CyberArk

Galleries

View all

International Women’s Day & Tech: Move Beyond the Conversation

March 8, 2021

Industry Perspectives

View all

What is FirstNet–and What Are the Benefits for Channel Partners?

March 8, 2021

5 Ways XDR Can Improve Operational Efficiency for MSPs

March 4, 2021

Multi-Cloud: Strategy or Inevitable Outcome? (or both?)

March 3, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 23, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021
  • 1

White Papers

View all

Why Fortinet for my MSSP?

March 2, 2021

Small and Mid-Size Business Security: 4 Steps to Success

March 2, 2021

How SMBs Can Secure Endpoints and Remote Workers for the Long Haul

March 2, 2021

Upcoming Events

View all

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

We celebrate #InternationalWomensDay by highlighting the important conversations and key statistics. @channelsmart… twitter.com/i/web/status/1…

March 9, 2021
ChannelFutures

A UK-based MSP got a lesson in grace when a post intended as a joke was mistaken for online bullying.… twitter.com/i/web/status/1…

March 9, 2021
ChannelFutures

Learn more about #FirstNet and partnering with @GetWirelessLLC. #LTE #firstresponders #connectivity #IoT… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

Have you heard? @McAfee is selling its enterprise security business. And 75-year-old founder #JohnMcAfee faces deca… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

Today we celebrate the achievements of women worldwide, and we are proud to give the rockstar women in the channel… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

The list of #Accellion FTA breach victims keeps growing. Another bank joined the list over the weekend.… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

Happy #InternationalWomensDay! The Channel Futures / @Channel_Online team is proud to support @AllianceofCW and… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

#MSPs can help businesses deal with #cloudcomputing and #cybersecurity pain points, says @Dreamix_Ltd.… twitter.com/i/web/status/1…

March 8, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X