Digitization of business has changed the way IT supports the needs of the organization. As a result, IT infrastructures have changed, moving more and more toward virtual, cloud and multi-cloud. Workloads with different performance, cost, and capability needs will bene t from being deployed on different types of cloud infrastructures.
Cloud-based infrastructures are designed to be agile, programmable, and developer-focused. However, these open and flexible characteristics increase attack surfaces, therefore exposing organizations to unforeseen security risk. Additionally, attackers are becoming more sophisticated in their adoption of these agile models of IT, developing cyber threat tools in
no time and syndicating them across a brokered attacker ecosystem. From script-kiddies to well-funded nation states, this advancement further increases the risk profile for multi-cloud environments. The trend towards multi-cloud adoption and increased attacker sophistication creates an opportunity for IT and security leaders to build a security architecture that goes beyond existing perimeter-centric models, developed before the cloud era.
The following paper presents both a pathway to secure multi-clouds today and into the future. It is intended for use as a framework to help IT and security leaders build a more secure IT stack by proposing a vendor-neutral architecture that relies on interoperable, API-driven components.