Those of you who built a security plan and physical security technology stack for a single public cloud provider just a few years ago hopefully don’t also believe that you can replicate that to many cloud brands or multicloud. It just won’t work.
The security mistakes I see today with multicloud deployment and operations are around selecting and deploying security architecture and enabling technology. That being said, I’ve compiled three pieces of advice for deploying multicloud security.
First, traditional approaches to security won’t work. Those of you who have had success in enterprises using traditional security approaches, such as role-based, won’t find the same results in multicloud. Multicloud requires that you deal with the complexity it brings and leverage security that’s able to configure around that complexity. IAM (identity access management) married with a good encryption system for both at rest and in flight are much better options.