AWS re:Invent 2025 - Multicloud security best practices (HMC318)

Multicloud Security Best Practices

Defining Multicloud

• Multicloud refers to an organization operating in two or more cloud service providers
• Common business drivers for adopting a multicloud strategy include:
  • Mergers and acquisitions
  • Differentiated cloud capabilities
  • Regulatory requirements
  • Integrating with independent software vendors (ISVs)
• Regardless of the driver, the constant challenge is maintaining governance, security, and compliance across the multicloud environment

Key Considerations for Multicloud Security

• Understanding your current security operations and readiness to expand to multicloud
• Determining ownership of security response, monitoring, and incident management across clouds
• Identifying multicloud-compatible security tools and technologies
• Aligning security teams, processes, and responsibilities across cloud providers
• Enforcing consistent data governance and protection policies

Recommended Multicloud Security Approach

1. Adopt a Multicloud Security Framework: Use a cloud-agnostic framework like NIST CSF to define security outcomes, not just implementation details
2. Centralize Identity and Access Management: Establish a single source of truth for federated user authentication and authorization across clouds
3. Automate Data Security and Protection: Leverage data security posture management (DSPM) tools and cloud-native security controls to discover, classify, and protect data
4. Centralize Logging and Monitoring: Implement a security information and event management (SIEM) system to provide visibility and incident response capabilities across the multicloud environment
5. Leverage Specialized Teams and Tools: Build dedicated multicloud security teams or leverage cloud-agnostic security tools to extend expertise and capabilities

Key Benefits and Challenges

Benefits:

• Consistent security policies and outcomes across clouds
• Improved user experience with centralized identity management
• Automated data discovery, classification, and protection
• Consolidated visibility and faster incident response

Challenges:

• Upfront investment and complexity in setting up multicloud security
• Cost management for tools, data, and cloud egress
• Ensuring timely log ingestion and analysis
• Overcoming siloed security teams and tool deployments

Takeaways and Next Steps

• Security requirements and outcomes remain consistent regardless of cloud provider
• Start with a cloud-agnostic, high-level security framework and focus on outcomes, not implementation details
• Leverage existing security tools and teams, extending their capabilities to the multicloud environment
• Prioritize data governance and protection, as data becomes more distributed across clouds
• Explore AWS resources and partner solutions to help guide your multicloud security journey