a person standing in front of a building
Blog Sponsored By Fortinet
Sponsored Content

Retailers Continue to “Lean In” to the Cloud to Win the Battle on Multiple Fronts

Courtney Radke
National Retail CISO, Fortinet
Courtney Radke profile picture

Retailers must take steps to ensure safe and consistent customer experiences delivered via the cloud.


Big or small, almost every retail business has some sort of cloud strategy that is being enacted on now or is on the roadmap. As Retailers continue digital transformation initiatives in an effort to reach their customers and provide omni-channel experiences, a move from on-premises infrastructure to the cloud is a logical choice. Usually, this means leveraging a dynamic multi-cloud strategy to effectively build and deploy business applications at scale and speed, making the importance of consistently securing this heterogenous environment more critical. Furthermore, by leveraging public IaaS and SaaS infrastructures, the attack surface increases beyond application and platform layers to attacks targeting misuse and misconfiguration of the cloud network infrastructure. Compounding the challenges and complexity associated with managing of a heterogenous cloud technology stack is the lack of skilled professionals. This means retailers traditionally struggle with implementing best practices across their entire cloud environment.

Figure 1. Cloud Security Adapts to the Application Location
background pattern

The Cloud Shared Responsibility Model Must Be Clearly Understood

Adaptive Cloud Security is all about securing infrastructure, applications, and data on any cloud. While the move to public cloud has been occurring for some time now because of the increased pace and scale of cloud migration, we have found that many retailers are getting a crash course on the cloud shared responsibility model. 

Much like SD-WAN, many assume that the cloud comes with all of the inherent security necessary to protect their environments from threats. While there are Secure SD-WAN solutions with fully embedded and integrated security available it many require bolt-ons or overlays to provide necessary protections the businesses need. The same can be said for security in public cloud environments.

Cloud providers are very good at protecting the availability and, in many cases, the security of infrastructure but do little to provide application, platform, or network security. To put it differently, cloud providers do a good job at controlling access and protecting their environments from harm brought on by threats to customer workloads and those that may impact the uptime and availability of other customers. This means additional security and controls are needed to protect the growing number of applications and data flowing through your cloud environments on a daily basis. To be clear, while moving to (or expanding into) the cloud isn’t in and of itself risky per se, steps do need to be taken to ensure what you put into the cloud (and what you deliver from it) is secure.

Securing Any Application, Platform, or Network with Adaptive Cloud Security

The key is tackling the problem head-on and taking a holistic approach to addressing the intersection of these challenges. By utilizing a platform approach when securing cloud environments, companies have the ability to confidently deploy any application, on any cloud, while implementing ubiquitous advanced security for every cloud.

Application – Organizations require business logic aware security to minimize operational overhead and false positives while dynamically adapting to rapid application iterations and changes. Deploying web applications firewalls (WAF) to front applications and utilizing application delivery controllers and load-balancing; businesses ensure availability, performance, and security of their critical and customer facing workloads.

Platform – Multi-cloud awareness and security posture management between cloud is important as data is constantly in motion and continues to grow exponentially. Likewise, the ability to effectively mitigate cloud platform misconfigurations using cloud workload protection (CWP) allows companies to more easily adhere to data privacy regulations and ensure they maintain customer trust by showing good data stewardship.

Network – Often seen as a formality, the complexity of multi-cloud networking has been known to lead to inefficiencies, bottlenecks, and security gaps when not implemented effectively. Deploying virtual or “as a Service” firewalls in the cloud allows businesses to securely connect workloads, segment networks, and protect cloud resources from known and unknown attacks. Implementing a multi-cloud SD-WAN solution can further simplify cloud networking ensuring businesses can scale their cloud workloads at the speed of the business.

Winning the Battle on Multiple Fronts

With e-commerce accounting for more sales than ever before and 84% of retail organizations having more than 10 Software-as-a-Service environments*, the balance has clearly shifted. But as the environment normalizes, retailers must be ready to support the customer however they choose to interact with the business. No longer just about the in-store experience or online interactions alone, but the marriage of both. This means organizations must continue to adapt to new markets and pivot to new operational models while keeping up with existing initiatives.

As many retailers point to complexity as the top barrier to security, it is critical that security investments natively integrate to cloud platforms and offer streamlined management and automation capabilities across multi-cloud environments; as well as throughout the enterprise landscape including branches and data centers. This consistency helps retailers execute on digital innovation initiatives without compromising security or performance.


2019 Thales Data Threat Report Retail Edition,” Thales, September 24, 2019*

More Blog Posts In This Series