The Cloud Landscape in 2019

What are the native security options for a company embracing the cloud?

For many corporate customers security is clearly of paramount concern. Each cloud provider offers native, or built-in, security services.

From this perspective Azure places emphasis on its Standard Tier security offering. It’s a paid-for addition that offers greater insight into potential threats from attackers.

AWS also bundle native security tools, again for a premium via the usual pay-for-what-you-use model, such as AWS GuardDuty which offers external threat intelligence around what issues might cause headaches on your infrastructure.

GCP additionally provides Cloud Security Scanner, which looks at App Engine and Compute Engine amongst others, for example to check for common vulnerabilities.

Do you think hybrid multi-cloud architectures are replacing the “one-cloud-fits-all” approach?

When AWS was first making waves and cloud adoption was still relatively new, slowing edging out traditional data centres as the first choice for hosting enterprise infrastructure, the overriding focus was on secure connectivity between on premise infrastructure (data centres or offices) and the newer, scarier cloud infrastructure.

Today there’s much more acceptance of the cloud in general and Azure and GCP additionally gained high levels of trust from those decision-makers who control budgets. As a result, more commonly these days is a cloud-agnostic approach. That means having the ability to have your applications on different platforms and not just one.

And, if your focus has been on containerising your applications for example, then thanks to built-in services such as the native Kubernetes PaaS engines, now available via all of the top three cloud platforms, you’re probably in luck. That’s because moving between providers to run containers might not be as painful a proposition as it would have previously been.

With an increased reliance on the cloud, the appetite for moving between providers is significantly stronger these days. As a result the majority of cloud solutions will likely be hybrid in one shape or form in the future. Enterprises have already begun using a variety of cloud providers for different workloads to mitigate vendor lock-in and their various types of risk.

Thanks to Chris Binnie for his insights. Chris Binnie is a specialist DevOps Security Consultant. To find out more about Chris's background, click here: https://www.devsecops.cc