Hybrid Cloud Requires Zero Trust
With data residing on (and moving between) multiple platforms, zero trust is a key strategy to help organizations centrally manage identity and verify credentials, Brockway says. The security model is based on least-privilege access.
Brockway suggests that credentials should be verified on a temporary basis, rather than granting a persistent connection that remains open after a data exchange.
John Yeoh, global vice president of research at the Cloud Security Alliance, says zero trust works well in securing many types of environments, including hybrid and multicloud, because of its simple approach.
“The zero-trust approach gives you those basic principles you can apply across all those environments, and then the next thing you need is people who understand how to implement that across those technologies in those different environments,” Yeoh says.
Many organizations are adopting a central security management approach (including identity authentication) across cloud and on-premises environments, using solutions from Okta, SentinelOne, CrowdStrike, IBM and others.
A central authority that monitors and provisions access to a hybrid cloud environment can help an organization avoid data breaches, Brockway suggests. “You want to enable different teams to be able to jump in the cloud and do fast projects, but you also want to make sure your security services and rights and privileges are centrally coordinated and managed so mistakes are not made,” Brockway says.