Missed a session at the Data Summit? Watch On Demand here.
This article was contributed by Kelley Kirby, Product Marketing Analyst at Uptycs
Let’s talk about the cloud (because who isn’t?).
In recent years, we’ve seen cloud adoption skyrocket as companies work to find the most efficient and cost-effective way to run their business. Whether the cloud environment is public, private, hybrid or multi-cloud, this worldwide growth has resulted in a steady increase in the available cloud services, their providers and configurations.
In 2019, 81% of public cloud users reported using two or more providers (before the pandemic, so you can imagine how much that number has risen), even though the benefits of using the cloud far outweigh the risk predominate, it can come with some glaring challenges when trying to grow your business.
When you’re a small business running a handful of services and applications and deploying workloads with a single cloud provider, cloud management seems easy. But the story is very different for a growing company with assets and workloads across multiple cloud providers, complex data lakes, services hosted in different geolocations, and a set of tools that don’t support every part of your cloud estate.
This complicated cloud merging (Frankencloud, if you will) is often the result of initial cost-efficiency or acquisition, but whatever the case, scaling this convoluted architecture as your business evolves is heavy.
Cloud scaling challenges
When your company started, the idea of cloud adoption was easy to grasp. It would simplify a number of your business processes, improve data access, improve efficiency and reduce the total cost of ownership. In theory, cloud computing would make scaling your business much easier as it grows. And it did!
But alas, the ease has passed since your business started. They now have a variety of cloud instances running services and workloads from three major vendors to reduce costs and avoid vendor lock-in. You’ve acquired a small business that’s EU-hosted private cloud compliant with new regulations, and managed to manage it all with more tools than you can count on two hands. Simply put, it has become overwhelming and now you are trying to figure out how to increase it.
In fact, the more complex your environment becomes, the more difficult it becomes to scale. Let’s take a look at some of these challenges and what they could mean for your business.
Configure your Frankencloud across providers
The configuration of your applications, infrastructure and workloads will not be the same for all cloud providers. Each provider has its own method of provisioning, provisioning, and managing instances, and it is your responsibility to ensure your resources are configured correctly.
It can be tempting to rush through the configuration process (because it takes forever to go through the moves multiple times and you have a million other things to do), but it’s infinitely important to make sure you’ve configured your resources correctly and check them regularly when themselves change things to avoid compliance and security risks.
A misconfiguration could mean non-compliance that carries fines or, god forbid, a security breach, and scaling too fast without keeping your configurations in check could cost you. Like a lot.
According to IBM’s 2021 Cost of a Data Breach Report, the more complex your environment and the more compliance checks you fail, the more likely you are to pay up to $2.3 million more in the event of a breach .
Which brings me to the next challenge of…
Backup of your Frankencloud
Since the shared responsibility model largely leaves the responsibility of securing their own cloud environment to the customer, there isn’t much to work with. That means hardening your environment, implementing security controls, refining permissions and identities, and identifying and remediating vulnerabilities are now consistently high on your cloud scaling to-do list. And since each vendor’s responsibilities are different, you need to figure out what each vendor requires.
There are guidelines to help you achieve some of this yourself, like the AWS Well-Architected Framework Security Pillar or CIS Benchmarks, and a plethora of cloud security providers willing to help you bridge the gap, but the problem is getting these security measures in place across your entire cloud estate in a way that ensures complete end-to-end coverage.
This presents a particular challenge as very few cloud security vendors offer support for multiple cloud providers and those that do often have a very limited toolset designed for a specific use case. This has led to security teams assembling multiple tools between multiple security vendors to cover all the bases (FrankenSec?), but these disconnected and siled systems typically fail to integrate and can only provide parts of their overall cloud security picture and remain blind spots.
The blind spots between the solutions can result in threat detection signals going unnoticed, as related security events can occur in two different systems, but the separate security solutions cannot correlate them as suspicious. In this case, the only way to see a connection between the events is to manually select each detection in each system and determine its connection yourself. But between the amount of detections you might get (some of which are false alarms) and the growing problem of alarm fatigue, the error rate is pretty high and you can still miss them.
Monitor your Frankencloud
Likewise, when backing up your Frankencloud, it is a major challenge to get a complete overview of your entire cloud inventory. You face the same difficulty of different solutions that leave you with an incomplete picture of your cloud environments and resources.
Without complete visibility into where your cloud data resides, which applications interact with which services, and who has access to what, you could overlook misconfigurations, threats, overspending and non-compliant policies.
Understanding how different resources, identities, and services interact with each other helps you prioritize configuration fixes, control privilege escalation, and conduct audits, ultimately improving resource performance and reducing security risk. As your cloud inventory grows with gaps in visibility, it becomes more difficult to do these things effectively.
Summary: Scaling your cloud creation
Your Frankenstein cloud build has made scaling a nightmare (pun intended), but you’re not alone. While no two cloud environments look the same, these challenges face any business operating in a complex cloud environment. You can find some comfort in knowing that it’s probably not the result of anything you’re inherently wrong about.
To effectively scale a complex cloud environment without creating new headaches later, you must be able to:
- Monitor everything that’s going on at cloud providers, including asset relationships and privilege assignment.
- Ensure end-to-end security with no blind spots with separate toolsets.
- Discover misconfigurations as you evolve to avoid compliance errors and vulnerabilities.
Having a single, unified solution that can help you address these challenges in one place will greatly reduce the time, overhead, and stress associated with a complicated cloud scaling project.
Kelly Kirby is Product Marketing Analyst at Uptycs
data decision maker
Welcome to the VentureBeat community!
DataDecisionMakers is the place where experts, including technical staff, working with data can share data-related insights and innovations.
If you want to read about innovative ideas and up-to-date information, best practices and the future of data and data technology, visit us at DataDecisionMakers.
You might even consider contributing an article of your own!
Read more from DataDecisionMakers
https://venturebeat.com/2022/03/14/the-difficulty-of-scaling-a-frankencloud/ The difficulty of scaling a Frankencloud