Leveraging the Agility of DevOps Processes to Secure Hybrid Clouds
Fully leveraging technology to drive business has become paramount, with many organizations using an array of platform- and infrastructure-as-a-service (IaaS) cloud services to expedite building and delivering new applications, services, and entire lines of business. The broad adoption of cloud services and the new methodologies centered on automation punctuate the agility provided by modern technology. While fundamental changes in the computing landscape challenge established cybersecurity practices, they also represent notable opportunities for compelling improvements.
The perspective that code is infrastructure captures one of the foundational elements of how organizations now deliver, manage, and secure infrastructure. That is, the shift is beyond a technological one; agile software development and the continuous integration and continuous delivery (CI/CD) methodology of the DevOps movement embody the need for speed to gain competitive advantage. Today’s IT business model, rooted in enabling business agility, demands that cybersecurity keep pace with the velocity of the cloud.
Securing cloud infrastructure requires not only understanding what is technically different about today’s data center but also fully embracing and exploiting the benefits of DevOps as a means to codify cybersecurity practices and controls. In fact, according to a recent research study conducted by ESG, and discussed in this paper, 30% of research participants said that one of their highest priorities is to build a cloud security strategy that can be used across heterogeneous public and private clouds, making it the most-cited response.