So, what are the signs that you’ve outgrown those cloud-native security and performance services?
Before we go there, it’s worth remembering what attracted you to native cloud services to start with. Probably, it was because those services were easy to implement and are actually pretty reliable.
When SHOULD you consider more robust application services then? Here are three essential scenarios when you might need to go beyond the basics that are offered by your cloud provider:
- More advanced threat protection. Cloud-native security is usually fairly broad, but it’s also kept pretty simple and relies mostly on pattern matching—which can be problematic in that it gives bad actors an almost unlimited ability to test against it. And even when your cloud provider does offer the building blocks to create a truly robust solution (within just their ecosystem, that is), do you really want to spend the time figuring out how to put it all together? You need the ability to quickly and easily implement a comprehensive set of services suited precisely to your needs, even as those needs change.
“More advanced” protection doesn’t just mean capable of finding more advanced threats; it should also mean capable of finding those threats in more advanced ways. Ways that save you money. Like when we apply behavioral analysis (not just basic pattern matching) to incoming traffic in order to filter out the obvious bot traffic before it even crosses your network. Traffic and connection costs add up quickly enough as it is; the sooner you can filter out the unwanted stuff, the better.
Read the blog: Shifting Security in DevOps Means Shifting Mindsets ›
- Consistency. There are a lot of reasons why you might be looking for greater consistency from your application services. Acquisitions are a big one these days; if you haven’t been bought up by someone else, chances are your company is the one doing the buying up. Either way, when you’re tasked with ensuring all the new applications live up to your corporate standards, you quickly see the value of having one easy-to-use, comprehensive interface to apply security and performance services across all your apps.
The same goes for any time you need to consistently apply corporate standards, whether or not you’re dealing with newly acquired assets. Defining and maintaining high levels of application security and performance are critical to your ability to meet regulatory compliances (GDPR, anyone?) or to face internal or external audits of every stripe.
- Portability. Consistency and portability are, in many ways, two sides of the same coin. When you use a uniform set of tools to consistently apply application services, those services become much more portable. In today’s multi-cloud world, enterprises are constantly adjusting where and how their cloud apps are being served, but that doesn’t mean you should have to constantly adjust the services that support those apps. Better to have one set of services that work across all your private and public clouds and which can deliver a consistent level of security and performance no matter where an app resides.