The cloud has long been called the "easy button" for IT. Don't have time or budget to expand your data center? Just move your apps to the cloud. The rise of containers and container orchestration tools such as Kubernetes has only expanded that promise. In many ways, that promise has been fulfilled. Oracle, for example, has aggressively expanded on-premise solutions, multi-cloud offerings, and container support all with an eye toward making cloud migration as easy and as seamless as possible.

In retrospect, perhaps they have made it too easy. In the rush to the cloud, far too many organizations have failed to consider the security implications of cloudifying their applications. Don't get me wrong, cloud-based solutions can be just as -or even more -secure than on-prem approaches. But moving some apps to the cloud -or to multiple clouds -does increase the attack surface, add complexity and make it hard to stay on top of your over-all security posture. The bottom line is, cloud computing requires a new model for security; a model we called the "shared security" model.

Simply put, the shared security model says that the cloud vendor is responsible for some areas of security while the user of the service has their own security responsibilities. The breakdown looks something like this:

The cloud vendor will often provide security tools for, say, secure communications or application security -but it is the responsibility of the consumer of the service to select, deploy, and manage those tools -and that is where complexity and lack of familiarity can lead to mistakes. In fact, the analysts at Gartner claim that, "Through 2023, at least 99% of cloud security failures will be the customer's fault." [1]

[1] https://www.gartner.com/en/documents/3892270/magic-quadrant-for-cloud-access-security-brokers

Expanding Fortinet's Dynamic Cloud Security to OCI

That is why we at Fortinet are so excited about expanding our alliance with Oracle. Now the countless enterprise customers who already rely on Fortinet can use the same tools, managed using the same management console, to ensure that their apps are secured and compliant and that all security events are tracked whether their compute is on-prem or off. Better still, Oracle and Fortinet have teamed together to provide tested and verified reference architectures that customers can rely on when designing their security infrastructure. 

To learn more about the shared security model, see Fortinet's newly published Oracle Cloud Infrastructure Reference Architecture.

Learn more about how Fortinet's dynamic cloud security solutions provide the necessary visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.

Read these customer case studies to see how Cuebiq and Steelcase implement Fortinet's dynamic cloud security solutions for secure connectivity and application security.