How to Manage Secure Cloud Services

Dean Pianta |  November 2021

Secure Cloud Services and Our Focus: Agility

Efficient and Effective Ways to Provide Secure Innovation  
Managing Multiple Cloud Services, Securely

The mission of keeping people and data safe is ever evolving and increasingly complex. Today, the game has changed; and tomorrow it will change again. Cloud service providers are forced to learn, unlearn, reimagine, and solve new problems each and every day. Which is why now more than ever, we must all focus on agility. For us at SAP NS2, we are constantly evolving the way in which we provide value to our customers. Although there is inherent value to the business application itself, the cloud has ushered in a new era for mission agility. Unfortunately, it has also brought forth a very complex security and innovation landscape.  

The “pre-cloud era” with traditional data centers, on-premises solutions, periodic patching and monitoring, etc. were simply not built to adapt to the “mission speed” required today. And moving an on-premises solution to the cloud can be daunting – from both cost and complexity perspectives. To make things worse, the end state isn’t about a single cloud solution, it often involves an entire portfolio of mission critical cloud services. What quickly becomes apparent to any sizeable organization is the challenge of scale. Managing hundreds of cloud environments, thousands of virtual machines, across various levels of data protection is not easy. It gets even harder as you raise the bar with security to the Federal Risk and Authorization Management Program, FedRAMP, level. Given this multi-dimensional problem of security and innovation, how do you get to agility?  

To better understand how we get to a secure, innovative, and “agile state” – let’s start at the beginning. As with all new development, manual processes are used to trail blaze through the latest cloud infrastructure services (compute, networking, storage, management, etc.) and security frameworks. Once understood though, these manual processes need to be formalized and automated to support scaling. This automation removes people from the task, making it cheaper, more consistent, and more predictable.

At SAP NS2, we believe that automating the pipeline for development, security, and operations (DevSecOps) is the only way to deliver meaningful value to our customers. For this reason, we’ve invested heavily into a common set of tools and automation built with enterprise-wide security and compliance in mind. Technologies like Terraform, Kubernetes, Docker, etc. are today’s force multipliers. And we view this nexus of common tooling as a Shared Managed Service (SMS) – one that is shared across solutions as well as data protection levels.  

How Good is Your Cloud Service?

There are several aspects that should be considered as organizations go shopping for enterprise-level cloud services. I’ll contend that these three are most important. First and foremost, enterprise cloud services must be secure. Second, they must address the evolving needs of the line of business – support mission agility. Third, the cloud service needs to be resilient.    

  1. Security and Economies of Scale. Successfully managing an entire portfolio across multiple data protection levels, within different countries builds teaches you a thing or two. SAP NS2 has enormous momentum from building common processes and automation for monitoring, application scanning, vulnerability scanning, intrusion detection, and an overall Continuous Integration / Continuous Delivery (CICD) model. The scope and scale of what we do justifies the investments we’re making; investments that can’t be made by any single customer. This not only translates into better security – but better recovery, if (when) a breach occurs.  
  2. Evolving Needs. A solid argument can be made for leveraging Commercial Off the Shelf (COTS) / industry leading technology in government. One caveat is that the COTS products must embrace “configuration” with native tools to meet the unique requirements of government. This is key towards avoiding excessive maintenance costs associated with custom development. Beyond the application level though, there is an often-overlooked aspect: the pace at which innovation is secured and deployed. Once again, the automation is critical here. Software as a Service (SaaS) and Platform as a Service (PaaS) models support the continuous (daily, weekly, monthly, etc.) release of new features. This is the norm for commercial markets; however, unless your DevSecOps pipeline is highly automated, the “government” version of the COTS innovation will suffer and could die on the vine.    
  3. Resiliency. Ultimately, managed service providers will be judged by contractual obligations such as Service Level Agreements (SLA), Return Point Objectives (RPO), and Return Time Objectives (RTO) – but these are all directly related to (1) the underlying IaaS architecture and (2) the level of automation in their DevSecOps model. Customers need to ask: “How many solutions have they setup / what is the reference architecture?” and “How automated is their development, security, and operational pipeline?”  Because these answers will determine overall resiliency and how quickly solutions can be stood up, secured, updated, patched, and brought back online with minimal data loss after a disaster. And once again, this all amounts to mission agility.      

Where is SAP NS2 Headed?

Not all Cloud Service Providers are created equal, so it’s essential to have a discerning eye. Our momentum and the demands at a global level drive our strategy. Our level of sophistication and maturity are event by our latest, security-oriented offerings. They include expanding to a global footprint, securing 3rd party technologies, and developing our own set of products:

  • NS2 Marketplace: NS2 has partnered with companies who offer solutions to some of the most challenging technology and security challenges today. Partners receive the backing and investment of SAP NS2, including advanced DevSecOps automation, common tooling, and credentialed team of ITAR, U.S. persons on U.S. soil.
  • CloudMIXR, an SAP NS2 Product: CloudMIXR empowers you to monitor every aspect of your multi-cloud environment. Want to track your cloud spend across hyper-scalers such as AWS, Azure, and Google Cloud? No problem. Need to visualize and track potential threats including those from cloud infrastructure, system users, and outside influencers? We have you covered. MIXR can streamline your ability to maintain cloud spend, compliance and security.

Please reach out today to learn more and meet with an SAP NS2 Cloud Services Expert. We knowledge and experience will bring the required agility back into your solutions to keep your people and data safe.

Dean Pianta

Dean Pianta

Cloud Director

Search

Related Posts

Download Resource

Please fill out the form below.

We use cookies and similar technologies to give you a better experience, improve performance, analyze traffic, and to personalize content. By continuing to browse this website you agree to the use of cookies. For more information on how this website uses cookies, please select “Privacy Policy.”