31 May 2018
Multi-cloud is set to be the enterprise IT architecture of
the future. A report by Gartner reveals that 70% of enterprises
are planning multi-cloud deployments by 2019, up from 10%
today. Whilst 90% of enterprises are currently using some sort
of cloud service, the progression towards multi-cloud is the
next step in allowing enterprises to build truly dynamic
What multi-cloud offers enterprises is the flexibility,
scalability and security benefits that businesses demand. But
with millions of transactions going through this cloud
environment every day, and new modes of digital transaction
processing such as blockchain moving into the mainsteam, data
security is increasingly becoming the key focus for banking,
trading, payment processing, retail and insurance
Equinix’s Global Interconnection Index
forecasts over the next three years, enterprises will require
50% more data traffic capacity, due largely to the rising
popularity of multi-cloud. Are enterprises ready for the
security challenges that this could present?
Cybersecurity is a critical challenge for many of
today’s businesses. It has moved from being an
issue for the IT team to a vital board-level agenda item.
Security disruptions can have a long-lasting reputational
damage and impact customer experience which if not handled
properly can result in business revenue loss.
PricewaterhouseCoopers singled out the UK as hotbed of
cybercrime in its 2016 global economic crime survey. According
to the report, more than half of all UK firms have fallen
victim to cyber-crime. Online accounts are being hacked aily,
and the sensitive personal data of hundreds of millions of
people have been exposed through attacks like WannaCry. We are
seeing the concerning rise of nation-state cyberattacks that
governments and business are struggling to control.
Unsurprisingly, security challenges are currently one of the
main barriers to enterprise cloud adoption. A McAfee report
reveals that 49% of businesses are delaying cloud deployment
due to a perceived cybersecurity skills gap. The report shows
that by industry, utilisation of cloud services is lowest in
government (27%) and education (19%). This appears to be
related to trust and control issues in both industries.
Governments are least likely to consider their data safe within
public cloud, and educational institutions are least likely to
think that public cloud is secure from hackers.
From a security perspective, a multi-cloud strategy can
potentially negate the possibility of a cyber-attack, as cloud
services do not sit with one single provider. This spreads the
risk of interruption across multiple parties should there be an
outage or performance issue. However, as long as cloud data
access points operate via the public internet, an inherent
security threat remains.
With a multi-cloud approach, the challenge can be complex.
Enterprise applications spread across diverse cloud service
providers can be difficult to monitor. Each CSP will have its
own unique technology architecture, service structure and
management interfaces, meaning it will be difficult for
businesses to build an integrated overview of how their data is
being stored. It’s this lack of visibility and
integration that can lead to problems if enterprises
don’t take the appropriate steps.
Many businesses are turning to encryption as a way of
protecting their critical information in multi-cloud
environments. We recently launched SmartKey – a new
encryption SaaS offering that securely host encryption keys
separate from, but in close proximity to, the data located
across networks, hybrid and multi-cloud environments. It was
designed to protect enterprise data wherever it resides while
keeping it under the enterprise’s control, by
locating data and encryption keys locally but separately. This
solves a range of data sovereignty issues, ensuring the
enterprise, not the external service provider, is in control of
both the enterprise data and its keys. Data encryption and
identity key management services for multiple clouds such as
this is vital to an enterprise’s data protection
The immediate future
By the end of 2018, we’ll have seen increasing
numbers of enterprises embracing multi-cloud architectures as
users continue to demand optimised experiences.
It’s a business’ ability to move
workloads across clouds that enables this optimisation, but it
also opens that information up to more and more
The best defence against cyberattacks is a "trust nothing"
approach. Companies must ensure multi-cloud environments are
secure and protect their data spread across distant networks by
using encryption management keys. They also need to reimagine
how they manage data and decide on operational models that fit
their business needs – especially with GDPR now coming
Establishing globalmanageable security control points that
can scale quickly and securely is vital. Like an international
airport, companies must erect security checkpoints in all the
places where their data is being exchanged, whether
that’s inside or outside of their organisations.
With the right planning and using tools like SmartKey,
businesses can achieve the protection they need in a
multi-cloud environment and continue to give their customers
the best possible experience, without compromising