cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Monitoring and Safeguarding Your Agency’s Cloud Environment

Level 12

Omar Rafik, SolarWinds Senior Manager, Federal Sales Engineering

 

From the government’s recently released Report on IT Modernization, calling for agencies to identify solutions to current barriers regarding agency cloud adoption, to the White House’s draft release of a new “Cloud Smart” policy, which updates the “Cloud First” policy introduced in 2010; cloud migration continues to be a priority.

 

Whether you’re moving everything to the cloud or choosing a hybrid cloud option, moving to this environment brings several well-documented advantages, such as flexibility, the potential for innovation, and cost savings. Yet it’s critically important to maintain a secure cloud environment.

 

This may seem overwhelming, particularly when a wide range of data falls under an equally wide array of privacy, policy, and security regulations. Data moving across these hybrid environments requires monitoring solutions spanning the entire distributed network and adapts as network environments change.

 

The three most critical steps to keeping your cloud infrastructure safe are:

 

  • Create and enforce management policies
  • Enhance visibility
  • Implement automation

 

The good news is technology is advancing quickly enough that you can likely find a series of tools, or even a single toolset, to help accomplish all three of these with minimal interruption and maximum advantage.

 

Create Management Policies

 

Compliance is second nature to federal IT pros; creating and enforcing management policies to maintain control within a hybrid cloud environment is a simple next step to compliance you may already be accomplishing.

 

Be sure you’re using a solid network configuration tool to deploy standardized configurations, detect out-of-process changes, audit configurations, and even correct violations. Be sure you can back up those standardized configurations in case something goes wrong.

 

There’s a good chance you’re already doing these things. The key is to be able to integrate this with the next two steps.

 

Enhance Visibility

 

The ability to see devices and activity across multiple connected environments is a must for security. Look specifically for the ability to implement a control-room view of sorts. Make sure you can do this in real time; the more you can see, the more you can control effectively.

 

Implement Automation

 

Start by automating your discovery process. Be sure you can automatically detect new devices and any other changes to network topology. Automate monitoring and alerting across the entire environment. Next, correlate the results of this effort; the larger the environment, the more data you’ll be grappling with. Automating will not only save you time, it will also dramatically reduce the impact of human error.

 

Conclusion

 

As networks grow and become more complex—particularly in the case of hybrid cloud environments—they become harder to secure. Creating management policies, enhancing visibility, and implementing automation will certainly go a long way toward providing more effective monitoring and shoring up security; even as the network grows.

 

Find the full article on our partner DLT’s blog Technically Speaking.

 

The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.

5 Comments
MVP
MVP

Good stuff.

I would add that a good level of logging for audit purposes needs to exist to provide a trail of everything done and to log anomalies.

 

Then you need a good logfile monitor that ignores the "normal" and provides an exception report on a regular basis.

 

Even then you still need human eyes reviewing logs and processes to make sure things are working as intended.

Level 12

Getting network policies enforced is the big challenge. When I worked in (state) government, enforcement never happened regardless of how much IT complained about users disregarding policy.

Level 11

Thanks for the article, enjoy anything around cloud articles as we're seeing this more and more in our business.

Level 14
As we inch forward towards our own version of a hybrid cloud solution, I am working feverishly to educate myself, with AWS training and certs. I am still wrapping my brain around the immensity of the project and how we are going to secure it. I completely agree with @Jfrazier. Logging for audit purposes needs to exist to provide a trail of everything done and to log anomalies. Then you need a good logfile monitor that ignores the "normal" and provides an exception report on a regular basis.(SIEM) Even then you still need human eyes reviewing logs and processes to make sure things are working as intended.
Level 13

Thanks for the article!