Plenty of organizations adopt a multi-cloud architecture as a result of prudent planning and strategic decision-making. In other words, they end up there by design. Many other businesses arrive at the destination by accident. Different teams within an organization will make their own decisions about cloud services, or an acquisition will bring together people and technologies that never expected to be joined.
Whether by choice or happenstance, most organizations find they have -- or soon will have -- resources deployed to more than one cloud service provider. And having a multi-cloud architecture means securing a multi-cloud architecture.
To be successful in that, you'll need to develop a multilayered strategy that makes use of technologies that secure both applications and data. You'll need to consider controls on user access that work across cloud boundaries. What about microservices and network connections? There's a lot going on here.
To help, this handbook looks at the various options for securing a multi-cloud architecture. Cloud expert Tom Nolle breaks down the classes of tools available, from the proprietary ones available directly from service providers to those that address network security and the ones that safeguard particular applications.
It's likely that a well-secured multi-cloud architecture will involve a combination of those tools. It's complicated, to be sure, but the challenges are not insurmountable.
As with anything related to information security, constant vigilance is essential. A sound plan and the right technologies can keep your data and applications safe regardless of which public cloud hosts them at a particular time.