Lacework for Azure and Multicloud Environments: One Solution for the Problem of Cloud Security
February 12, 2019
Lacework today announced security support for Microsoft Azure, which means two things:
- Our customers get threat detection of behavioral anomalies for cloud and container environments as a single pane of glass over both AWS and Azure. With so many of our customers opting to distribute workloads into different environments, this now gives them security coverage over their entire infrastructure. One solution for one problem – security of cloud environments.
- Lacework’s commitment to security in multicloud environments. Our view has always been “one solution for one problem” – the problem is the security of cloud environments. The solution is deep detection and analysis of threats and alerts based on behavioral anomalies. Irrespective of platform, Lacework is built to identify, alert, and help customers maintain control.
As we see more demand from customers who use multiple clouds, we recognize that choosing a cloud vendor is a big decision for IT teams. Different workloads need to map to vendor strengths, and shared responsibility for security is treated differently by CSPs. When security is layered into the equation, it can quickly become a mathematical problem of assigning various tools to wildly different tasks. If security teams are focused on applying each point product to corresponding, unique tasks, the overall state of security suffers until it becomes something less than security.
We prefer to avoid complex math when it comes to our goal. We like the number “one”; we aren’t cobbling together different products or codebases, we are one solution that solves for one problem: security of cloud environments. We now solve that for multicloud environments.
The significant move to mutlicloud and the need to adapt to meet customer needs is at the core of our strategy. According to analyst firm ESG, the drive for organizations to distribute workloads over multiple cloud platforms is rapidly becoming the norm. As enterprises get more comfortable with the cloud, they are applying a more sophisticated and informed mindset to their management strategies. By distributing workloads, creating purchasing and contractual leverage, and mitigating risk, a multicloud strategy is increasingly recognized as an astute approach for organizations that want to maximize the benefits of the cloud.
In fact, muticloud is now recognized as the only effective way for companies to operate in the cloud. In their report, 2018 Public Cloud Infrastructure Trends, ESG states:
“… among organizations currently using public cloud infrastructure services, 81% leverage more than one cloud service provider (CSP), with more than one-quarter (28%) spread across at least four unique CSPs .”
From a security standpoint, a multicloud approach helps by distributing that risk and provides a measure of control when attacks occur. Consider what happens when some element of an organization’s cloud is compromised; for organizations that don’t have an incident response process (and a surprisingly high number fall into this category), this can result in shutting down operations while parts of the environment are sequestered, snapshot, wiped, and then redeployed.
That scenario requires that operations be frozen while the attack is contained, but at a great cost, both in terms of the resource being deployed and opportunity cost due to lost business opportunity. It also essentially negates the benefits of a flexible, dynamic cloud.
In a multicloud environment, however, workloads in non-threatened clouds can continue to function while issues on platforms under attack are resolved. Remember that hackers are specific in what they’re looking for; they exploit openings. Whether because of some knowledge or expertise about that platform or product, their goal is to find a way in based on something that can be easily compromised. In order to mount an attack simultaneously on two platforms being used by the same organization would require an operational and logistical focus that would be incredibly difficult to pull off. And organizations that are monitoring their environments would be able to quickly identify issues on one platform while transitioning some compute and operational activities to another one.
Lacework gives customers visibility and control over their cloud operations at cloud scale to the monitoring of all activities across all cloud components – accounts, users, apps, containers, machines – in addition to the network layer. The agility and speed that the cloud promises are deployed to monitor, detect, and alert on issues. But Lacework does it all one better by analyzing all that activity against normalized behavior and then highlighting those issues to truly identify risk, not just change. Lacework’s application of machine learning-enabled patterns to understand cloud activity gives security and compliance teams a highly accurate view of what truly needs to be remediated, rather than just a dashboard of signatures and control changes.
One solution. That’s what cloud users want in order to solve the issue of protecting data, workloads, and accounts across the entirety of their cloud environments. With Lacework now supporting security for AWS and Azure, customers get the insight into actual threats and risks for all cloud activity and can do something about it.