"The benefits of cloud computing are clear, from access to new technology, to flexibility in scaling resources at peak times, and enterprises are reaping the rewards. However, despite the rewards, enterprises we speak to continue to identify two big challenges in deploying or growing their use of the cloud—cost and security. Most IT professionals surveyed by Omdia in 2020 who work in enterprises using cloud services said that they are unable to keep tabs on the number of cloud services in use at the company. The emergence of shadow IT is a well-known problem in the industry, but it is rarely discussed because the concept of using unprocured and unsupported cloud services is strongly discouraged by IT teams. Shadow IT can lead to overspending on cloud services due to underutilization and suboptimal contract negotiation, and more importantly, it can expose the organization to significant security risk, expanding its attack surface unbeknown to the security team.
Then there is the issue of how to secure cloud infrastructure (workloads, data stores, etc.,). Cloud-native start-ups can afford the luxury of choosing the security tools and platforms they like for their cloud estates, but all other companies must struggle with the migration process: do they attempt to extend their on-premises security tooling into the cloud, and if they are adopting more than one cloud provider (the so-called multi-cloud strategy that is increasingly widespread), can they use a single security armory to address all their requirements? In other words, how do they address both hybrid (on-premises and in the cloud) and multi-cloud security challenges?
This research reviews new technologies and approaches that can improve the visibility for IT teams, enable a one-network policy across an organization, and make it possible to gain an enterprise-wide view of a company’s security posture. We will specifically review best practices in cost management and security..."
