In its latest quarterly earnings call last week, Microsoft chief Satya Nadella identified security as a key business area for the company. Nadella said that “multi-cloud, multi-platform support is central” to Microsoft’s approach towards the cloud. But as companies adopt multi-cloud strategies, security vendors have had to tweak security products to fit this approach.
Microsoft is among a rising number of companies – both large and small, along with service providers and users – who are increasingly becoming platform agnostic in their cyber security operations, providing something called ‘unified security tools’. Service providers and users today use a combination of cloud platforms by Amazon, Microsoft, Google, IBM, Oracle, Salesforce and others – rather than the previous, siloed approach of closed ecosystems.
These security tools provide a single-window approach to users, where all needs and requirements can be managed from within one terminal. Last week, IT security firm Trend Micro launched a product called One, which is a multi-cloud security platform with partners like Google, Microsoft and security firm Palo Alto Networks, among others.
Similarly, IBM started offering a hybrid multi-cloud security platform covering AWS, Azure, Google and Salesforce in 2021, while Microsoft added AWS to its Defender security software in November last year, expanding the support to Google Cloud in February this year.
Independent Indian cybersecurity firm, Instasafe, which serves clients like Aditya Birla Group, Max Life Insurance and Siemens in India, also started offering such security tools from the second half of 2021.
Arati Ranade, senior director, Asia, at Japanese technology and services company Fujitsu, said that as a “non-cyber security company”, the sudden decentralization of the workforce due to the pandemic, coupled with a sharp rise in cyber threats around the world, highlighted the need for companies to adopt single-window security tools. Fujitsu, which serves clients such as Nissan and Toyota Kirloskar in India, is a client of Microsoft’s Defender for Cloud.
Furthermore, Rohan Vaidya, regional director at American cyber security firm Cyberark, said that the complexities in handling multiple cloud platforms, ecosystems offered by various companies, and a shortage of skilled cyber security professionals has increased the need for such tools.
“A leading private Indian bank today has over 120 separate security solutions to manage. But, it’s unlikely that they would have expert professionals to handle all of it, and there is a clear skill gap,” noted Vijendra Katiyar, Country Manager-India and SAARC, at Trend Micro. He added that “piecemeal approach” in such a landscape would mean heavy operational costs for companies – and that may not even be the best practice to adopt for them.
Terence Gomes, country head for security at Microsoft India, said that alongside the core security tools, services such as Defender for Cloud also help companies meet regulatory and compliance requirements.
It is only the past two years that companies have begun to work around such hurdles, which in turn is fuelling the growth of multi-cloud adopters – and security services to go hand in hand with them.
“We have seen companies struggle to meet regulation and compliance mandates with IT and cyber security laws. Some sectors, such as BFSI, also have their own laws on top of security mandates, after which there is also the need for independent system audits. This is a clear challenge among multi-cloud adopters, and is something that unified security tools can provide,” he said.