With 2022 looking like the year of multicloud, enterprises need a solid plan for multicloud security. Credit: MicroStockHub / Getty Images Valtix recently released research that multicloud will be a strategic priority in 2022, according to the vast majority of more than 200 IT leaders in the United States who participated in the study. Security is top of mind, with only 54% saying they are highly confident they have the tools or skills to pull off multicloud security, and 51% saying they have resisted moving to multiple clouds because of the added security complexities. If you’ve been reading this blog, you know that I have long identified complexity as the No. 1 inhibitor of multicloud success, with operational and security limitations as the cause of excess complexity. This is largely because of a lack of holistic planning and migration, and development projects running without any notion of cross-cloud services, such as security, operations, and governance. There are a few realities to deal with here. First, you’re likely already using multicloud, no matter if you know it or not. Scan the enterprise network if you don’t believe me. You’ll find AWS, Microsoft, and Google, with about three dozen or so SaaS providers as well. Second, if your reaction to dealing with the added complexity of multicloud is not to have one, you’ll find that innovation in the company suffers, considering that those who are building solutions will not be able to leverage best-of-breed technology from multiple cloud providers. This being the case, you’ll have to make multicloud work. So, what do you do? Here’s some advice from somebody who has already solved this issue a time or two. Provide some common security services that can be extended and customized. The worst thing you can do is to declare that you’re leveraging a single, static security layer that fits some but not all application requirements. Instead, pick a security manager that’s able to deal with many patterns of security, including encryption in flight and at rest, multifactor authentication, single sign-on, and, most important, identity and access management. The idea is to provide common security services that can be leveraged in different ways for different purposes—in other words, customizable. Incentivize the migration and development teams to use common services, with a guarantee of results. Solutions builders within the enterprises need access to core security skills as well as common security services. The idea is not to enforce compliance but to work directly with those who are building and migrating applications to single or multiple clouds. People often push back on enterprise security (and multicloud security, specifically) because there is really nothing in it for them. Providing free skills and technology will change their minds and get them under a common security framework, thus reducing complexity. Of course, there are other tricks specific to your organization and industry. Compliance, for instance, needs to be considered for each vertical, and governmental agencies have their own special issues to consider. Multicloud security is clearly a solvable problem. Although it’s not going to be easy, I’m not sure we have other choices that will not do harm to the business. Related content analysis Strategies to navigate the pitfalls of cloud costs Cloud providers waste a lot of their customers’ cloud dollars, but enterprises can take action. By David Linthicum Nov 15, 2024 6 mins Cloud Architecture Cloud Management Cloud Computing analysis Understanding Hyperlight, Microsoft’s minimal VM manager Microsoft is making its Rust-based, functions-focused VM tool available on Azure at last, ready to help event-driven applications at scale. By Simon Bisson Nov 14, 2024 8 mins Microsoft Azure Rust Serverless Computing how-to Docker tutorial: Get started with Docker volumes Learn the ins, outs, and limits of Docker's native technology for integrating containers with local file systems. By Serdar Yegulalp Nov 13, 2024 8 mins Devops Cloud Computing Software Development news Red Hat OpenShift AI unveils model registry, data drift detection Cloud-based AI and machine learning platform also adds support for Nvidia NIM, AMD GPUs, the vLLM runtime for KServe, KServe Modelcars, and LoRA fine-tuning. By Paul Krill Nov 12, 2024 3 mins Generative AI PaaS Artificial Intelligence Resources Videos