In response to findings from its 2022 survey, HashiCorp delivers zero trust remote access delivered in the cloud, and no-code provisioning to address infrastructure-as-code skills gap
As companies move into public cloud, many aspire to infrastructure-as-code, yet struggle to make that a reality. Skill gaps and the urgency of rapid delivery often led to manually provisioned and maintained cloud environments, resulting in operational burdens and increased risks.
Organizations such as BOK Financial, which shared its experience at the recent HashiConf Global event in Los Angeles, created an “as-code” operating model with no prior automation or coding experience in the highly regulated FSI sector, while strengthening security, increasing resiliency, and driving efficiencies.
Where security is concerned, a growing number of Asia-Pacific (APAC) organizations are embracing zero trust security initiatives to overcome the challenges of today’s dynamic cyberthreat landscape.
According to the State of Zero Trust Security in Asia Pacific 2022 report, commissioned by Okta and conducted by Pulse Q&A the percentage of APAC organizations that had implemented a zero trust security initiative had grown by 18 points from the 2021 figure to reach 50%. While the rate of zero trust adoption among APAC organizations (18% YoY growth) was lower than the global figure (31% YoY growth), 96% of respondents in APAC have a defined zero trust security initiative in play or in plan for 2022.
While securing data, networks and devices continue to rank as the top priorities among surveyed organizations, a growing proportion recognizes the importance of people to an identity-centric security model. The report found organizations in the APAC region place a greater emphasis on automating the provisioning and deprovisioning of employees and working on privileged access for cloud infrastructure over the coming 18 months.
According to the 2022 HashiCorp State of Cloud Strategy Survey, multi-cloud is now the de facto standard for infrastructure among Asia Pacific (APAC) enterprises, with the leading drivers for this cloud adoption strategy being reliability, digital transformation, scalability, and security and governance.
As organizations move to the cloud and adopt cloud operating models, they require a different approach to security — commonly referred to as zero trust security — where the default security posture is to trust nothing, authenticate and authorize everything. But the gap between legacy security postures and the accelerated move to the cloud is contributing to a significant increase in security breaches.
Globally, according to the survey, 89% of respondents believe security is the number one determining factor for cloud success, which is driving organizations to adopt zero trust security postures.
As HashiCorp’s co-founder and CTO Armon Dadgar put it: “Zero trust security starts with identity.”
“As organizations continue to expand their cloud estates, it’s critical they shift their security strategies to keep up with the growth and complexity of applications, network components, and cloud-based systems,” said Dadgar “At HashiCorp, we have always believed that identity is the foundation for zero trust security for applications, networks, and users.”
HashiCorp’s approach to zero trust security focuses on using identity to secure applications, networks, and people across multiple clouds, on-premises, and hybrid environments, which reduces the attack surface and automates complex security workflows. This ensures everything — from people to machines to services — is authenticated, every action is authorized, and that data is always protected.
Addressing complexities in securing the modern data center
Data center security used to be simpler – secure the perimeters, secure access to the data center, and secure the data in the data center.
In the cloud – with apps and data in transit and at rest – application security, network security and user security become critically important. All these three areas of cybersecurity require zero trust identity and access management:
- Applications: HashiCorp Vault provides a consistent way to manage application identity by integrating across many different platforms and identity providers. Vault enables fine-grained access control and authorization between applications and databases, including dynamically rotating credentials, PKI certificates, and API tokens, while also ensuring application data is always secure in transit and at rest.
- Networks: HashiCorp Consul secures network traffic between applications and services, enabling fine-grained access control policies, observability, and traffic shaping. Consul integrates with Vault’s identity platform to leverage application identity for the policies and to enable dynamic PKI.
- People: HashiCorp Boundary ensures the right people have access to the right systems and cloud services while removing the need to distribute and issue credentials, expose private networks, or manage static credentials. Boundary integrates with Vault to issue just-in-time credentials and ensure ephemeral access to critical systems.
The complexity of multi-cloud deployments lead to many CIOs and IT teams looking for a single pane of glass to manage cloud deployments. According to Dadgar, while these HashiCorp solutions integrate easily with other existing cloud platforms and tools, they also provide that single source of truth for cloud configurations, assets, access and security.
No-code provisioning addresses skills gap
The 2022 HashiCorp State of Cloud Strategy Survey found that skills shortages were ranked as the top multi-cloud barrier for technology practitioners and decision makers. Traditionally, provisioning something immediately useful requires knowledge of infrastructure or networking as well as technical familiarity with configuration language, which can create a barrier to adoption.
The HashiCorp survey highlighted the need to centralize and automate cloud efforts via platform teams to increase operational efficiencies.
In Asia Pacific, skill shortages rank as the top multi-cloud barrier. Respondents noted that skills shortages are exacerbating security risks, driving avoidable cloud spend, and hindering the organization’s ability to operationalise multi-cloud.
“As multi-cloud adoption continues to mature in APAC, we see this reflected in this year’s State of Cloud Strategy Survey and the generational shift that cloud represents for technology, organisational design, and delivery process,” said Grant Orchard, Field CTO, Asia Pacific and Japan, HashiCorp.
“Organizations benefiting from multi-cloud nearly doubled from last year, and the majority of organizations now have a centralized cloud team. Not surprisingly, we saw skills shortages move to the top of the list of cloud blockers, reinforcing the need for cloud platform teams and infrastructure and security automation tools.”
With no-code provisioning, administrators and module publishers can manage a catalog of no-code-ready modules for users like application developers to deploy directly to workspaces.
Developers can self-serve infrastructure from the Terraform private registry by selecting the no-code-ready module they need, entering the required variables, and deploying directly into a new workspace – all without writing HCL. Platform teams can now spend less time servicing repetitive internal requests and spend more time building on existing work to drive innovation and support the business.
This year’s survey also highlighted the growing prevalence of multi-cloud, and shows how organizations are benefiting from a multi-cloud strategy, as they apply a common cloud operating model to realize value from the cloud.
Results also highlight that – besides the skills gap – cloud security, siloed teams, and inconsistent workflows are among the most common challenges hindering multi-cloud operations.
Other key findings for Asia Pacific
- 84% choose multi-cloud: 46% of respondents are already using multi-cloud infrastructures, with an additional 38% saying they will be within the next 12 months.
- 93% say multi-cloud is working: Out of those who have already adopted a multi-cloud approach, the vast majority say it is already helping their organisation advance or achieve their business goals.
- 87% rely on cloud platform teams: Organizations have identified the need for a centralised group such as a cloud platform team or Cloud Center of Excellence (CCoE) to operationalise their cloud efforts with common practices across their organization.
- 96% are overspending in the cloud: Almost all respondents noted avoidable cloud spend. Top reasons for this overspending included idle or underused resources, overprovisioned resources, and a lack of needed skills.