Continuous Compliance model for Hybrid Multi-Cloud through Self-Service Orchestrator

Cloud Computing offers instant Infrastructure for the needs of Application & Development teams, software development phase accelerated with the adaption of DevOps model. DevOps model key tenets of success are Self-Service, Permission to act, Guardrails and Trust. Since the current Cloud Computing trend is moving towards Hybrid Multi-Cloud the Multi-Tenant phenomenon as well geared up to meet the agile business needs. The Security team's strategy for DevOps, especially related to its Self-Service tenet needs an immediate review. According to the survey in 2019, around 90% of enterprises use some type of Cloud Service; around 50% already adapted Hybrid Multi-Cloud; still 67% security teams had lack of visibility into their cloud infrastructure, security and compliance. Attacks due to Misconfigured Cloud environments was the main cause of data theft Security Incidents. Popular Incidents related to Amazon about Facebook accounts leak and Microsoft about data theft related to Box accounts primary cause is misconfiguration of the concern parties. Hence, Post-Deployment Compliance checks does not suffice the needs of required Security for Hybrid Multi-Cloud environments. Continuous and Pre-Deployment Compliant Self-Service solution for Hybrid Multi-Cloud with appropriate design and implementation procedure is the objective of this paper.