Today, companies offer more options for remote work than before the pandemic.
To provide this level of flexibility for their employees, many are embracing cloud environments to ensure their employees can access the files and information they need regardless of where they are working. This has resulted in a greater emphasis on hybrid cloud infrastructure — and securing that infrastructure — in recent years. In fact, as of 2023, more than 72% of organizations exist in the hybrid cloud. As the workforce continues to adapt and evolve, that percentage will only grow.
Developing hybrid cloud security competency is key. The below steps will help channel resellers and managed security service providers (MSSPs) think about rising risks and how to keep organizations more secure.
Dee Dee Acquista
Risks of Encrypted Traffic
The need for cloud-based infrastructure in our digital world comes with IT complexity and security risks.
For example, to protect sensitive data from getting into the wrong hands, all traffic becomes encrypted when it enters the cloud. While seemingly helpful, research has found that 93% of malware hides behind encrypted traffic, showing a sophistication in cybercriminals that we haven’t seen before. With the capability to hide behind the very thing created to protect our sensitive data, there’s no stopping threat actors from bypassing perimeter controls, weakening an organization’s security posture, and ultimately gaining access to that sensitive data.
As organizations work to combat threat actors, visibility into all traffic must be prioritized. For our channel partners, this often means helping organizations adopt hybrid cloud security strategies that deliver deep observability into encrypted cloud traffic. You can’t protect what you can’t see.
Adopting a Cloud-first Strategy
With most organizations accelerating their digital transformation, it’s important for MSSPs to embrace cloud-first strategies with a particular emphasis on hybrid cloud security so that end users trust MSSPs’ ability to help navigate their cloud journeys.
While this may look different from organization to organization, one way for companies to ensure a strong security posture is by establishing a Zero Trust architecture, including implementing security solutions that provide deep observability into all cloud traffic.
End users who work closely with MSSPs and have these strategies in place will be better equipped to understand the level of cloud security competency their own organizations need.
Educating End Users on Visibility into Cloud Traffic
As channel partners and MSSPs determine the best way to implement cloud security strategies across organizations, it is also important they understand the deepest level of cloud traffic visibility that is now available to help organizations protect against cyberattacks.
Today, that level of deep observability across hybrid cloud infrastructure includes what’s traversing laterally on the network and any potential risks that may be present. While North-South traffic is critical to monitor, East-West traffic has surpassed the volume of North-South traffic and must be visible across container, virtual machines, and cloud workloads. Having this deep understanding enables MSSPs to better educate end users on the requirements their organizations need to successfully adopt a hybrid cloud strategy.
As our channel partners and the industry as a whole prioritize hybrid cloud security within their channel strategy, there will undoubtedly be challenges. But, if they embrace the guidance above, they will be able to help shine a spotlight on previously concealed encrypted traffic, chart cloud-first strategies for their end users, and ensure East-West visibility to safeguard data and maintain operational efficiency.
Dee Dee Acquista is vice president of Worldwide Channel and Alliances for Gigamon.
Image: iStock
