BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
One of the biggest security challenges with multi-cloud storage is the lack of visibility into how data is stored and transferred within the cloud platforms. This situation is complicated by the fact that not all cloud services store and manage data in the same way. There's also a lack of integration between services, making it difficult to coordinate threat intelligence and identify anomalies that might indicate a data breach or the presence of malware.
But the risks don't end there. The use of multiple cloud services increases the number of attack surfaces, so the more services used, the greater the risks. Multi-cloud storage can also result in workloads and environments that are continuously shifting, complicating management even further. Then, there's the influx of mobile and IoT devices that all need to connect to the data stores. At the same time, cybercriminals are becoming more sophisticated as they step up the number and types of attacks against users, devices, networks and data centers.
Given these challenges, securing a multi-cloud environment can be daunting, which is why a security strategy should start with comprehensive planning, rather than being treated as an afterthought.
Multi-cloud storage security planning
Multi-cloud strategy planners should start by taking a holistic approach to protecting data. Next, factor in data flow and storage patterns, as well as the organization's own security and compliance requirements.
Storage planners also must understand how each participating cloud platform protects data and secures systems. They should determine what integration capabilities each platform supports, if the provider offers APIs for interfacing with its service, whether customers can control their own security certificates, what monitoring capabilities are supported and any other details necessary to understanding the storage environment.
The goal is to come up with a unified, integrated security strategy that incorporates multiple layers of protections across all systems. A comprehensive multi-cloud storage strategy might include firewalls, data encryption -- both at rest and in motion -- intrusion prevention, penetration testing, multifactor authentication, monitoring and logging, malware, denial-of-service protections, network access controls and whatever other safeguards are warranted to minimize risks.
The key is to ensure that security protections are implemented as a single, centralized approach that facilitates communications across all systems and lets components operate as part of a coordinated, integrated effort. Only then can IT gain the visibility it needs into each environment and the intelligence necessary to identify and address potential threats.
Focus on visibility and coordination
To support such an infrastructure, IT must have tools that easily integrate with each other and provide the flexibility required to operate across a distributed, multi-cloud network. Avoid tools that don't deliver the necessary levels of integration and flexibility, even if that includes ones your organization already has in place. Opt for tools that increase visibility and coordinate efforts. Avoid creating or reinforcing infrastructure silos.
Multi-cloud storage security systems must also have the intelligence to detect threats and automate responses. To this end, many management tools have incorporated machine learning and other AI technologies, making it possible to analyze large amounts of data collected from systems across the network.
These tools identify patterns in the data, uncover anomalies and take remedial actions. But this approach is only successful when implemented as part of a unified security strategy in which all components are coordinated and communicating and working together to provide a single, comprehensive solution.