Relevant Results
Sorry, there are no results matching your search.
Autocomplete suggestions are available. Use up and down arrows to review and enter to select.
See more results

A framework for success: Tackling the challenges of multicloud security

The growing necessity of multicloud security

Download PDF
Share

As enterprises increasingly adopt multicloud strategies to optimize operations, managing data security across different cloud environments becomes more complex and critical. The benefits are clear, but so are the risks. Effective protection of multicloud data estates demands identifying and managing sensitive data, overcoming blind spots, and applying consistent security controls. This guide offers an all-encompassing framework to tackle these challenges, so that organizations can secure their multicloud environments effectively.

For an in-depth guide on tackling multicloud data security challenges, download our full PDF.

Dive into our thinking:

A framework for success

Tackling the challenges of multicloud security

Download PDF

Prioritizing Data Security

To effectively secure multicloud environments, organizations must:

  • Understand Their Data: Identify where sensitive data resides across environments.
  • Apply Consistent Security Controls: Implement encryption, access restrictions, and other control measures uniformly.
  • Enforce Governance: Ensure ongoing regulatory compliance and manage data life cycles effectively.
  • Prevent Data Loss: Detect and prevent accidental oversharing using integrated policies and controls.

Discover the Power of a Multicloud Data Estate

A multicloud data estate refers to managing an organization's data across multiple cloud environments.

Here are some key considerations:

  • Alignment: Engage with data governance, legal, compliance, privacy, and business teams to streamline decision-making processes.
  • Platform Management: Minimize the number of technologies and platforms used to manage data.
  • Strategic Risk Management: Identify and mitigate key risks such as lack of visibility, misconfigurations, data leakage, insider threats, unauthorized access, and compliance issues.

A Multicloud Data Governance Framework

Implementing robust data governance can help mitigate common risks:

  • Know Your Data: Conduct scans to identify and classify important data across the cloud environment.
  • Protect Your Data: Use flexible security measures like encryption and access controls that persist even when data moves across platforms.
  • Prevent Data Loss: Monitor high-risk user activity and enforce data loss prevention policies.
  • Govern Your Data: Use centralized data management for retention, deletion, and compliance.

Case Studies

Case Study 1: Sensitive Data Exfiltration from an AWS S3 Bucket

A data engineer accidentally made an AWS S3 bucket public, resulting in a breach. The solution involved:

  • Using Purview: For scans, classification, and applying sensitivity labels.
  • Enhanced Risk Indicators: To detect and alert high-risk misconfigurations.
  • Persistent Labels: To protect data even after being mistakenly shared.

Case Study 2: Sensitive Data Leakage from Azure SQL to Power BI

A banking company exposed sensitive financial data due to lack of persistent security controls. The solution involved:

  • Using Purview: For data discovery, classification, and applying sensitivity labels to SQL databases and Power BI dashboards.
  • Real-Time Alerts: DLP policies to notify on the detection of sensitive data in dashboards.
  • Ongoing Governance: Regular reviews and secure management of data through unified platforms.

Connect with Us

To learn more about securing your multicloud data estate, or for personalized assistance, contact our experts:

  • Raman Kalyan
  • Michael D. Gomez
  • Daniel Hidalgo
  • Jim Wilhelm
  • Ravi Kiran Poluri
  • Venoth Lal
  • Annapurna Saripalli
  • Ryan McGurgan
  • Pankaj Parikh

Insights on cyber security

KPMG professionals are passionate and objective about cyber security. We’re always thinking, sharing and debating. Because when it comes to cyber security, we’re in it together.

Read more

Contact us: Regional leads

Midwest

Kristofer Canto
Manager Advisory, Climate, Data & Tech, KPMG US

Alexandra E Miller
Sr Associate Advisory, ESG Hub, KPMG US

West

Sara Lopez
Sr Associate Advisory, ESG & Climate Advisory, KPMG US

Vivian Chen
Sr Associate Advisory, Accounting Advisory Services, KPMG US

Southwest

Aiden Barenholtz
Sr Associate Advisory, Climate, Data & Tech, KPMG US

Southeast

Cassie Bleick
Sr Associate Advisory, Internal Audit & Entrprise Risk, KPMG US

Breonna Myers
Manager Audit, Center for Audit Solutions, KPMG US

Northeast

Anya Nayak
Sr Associate Advisory, Customer & Operations – Financial Services, KPMG US

Alejandra Gonzalez Vargas
Associate Advisory, Transformation Delivery – Financial Services, KPMG US

Amy Chan
Advisory, Governance, Risk and Compliance, KPMG US

Meet our team

Image of Michael Gomez
Michael Gomez
Principal, Cyber Security, KPMG US
Read bio
Image of Jim Wilhelm
Jim Wilhelm
Principal, Cyber Security, KPMG US
Read bio
Image of Venoth Lal
Venoth Lal
Director, Cyber Security Services, KPMG US
Read bio
Image of Michael Gomez
Michael Gomez
Principal, Cyber Security, KPMG US
Read bio
Image of Jim Wilhelm
Jim Wilhelm
Principal, Cyber Security, KPMG US
Read bio
Image of Venoth Lal
Venoth Lal
Director, Cyber Security Services, KPMG US
Read bio

KPMG. Make the Difference.


Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation. KPMG LLP does not provide legal services.

The information contained herein is not intended to be “written advice concerning one or more Federal tax matters” subject to the requirements of section 10.37(a)(2) of Treasury Department Circular 230.

© 2025 KPMG LLP, a Delaware limited liability partnership and a member firm of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the KPMG global organization please visit https://home.kpmg/governance.

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's . Privacy Statement

An error occurred. Please contact customer support.

Job seekers

Visit our careers section or search our jobs database.

Search now!

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Submit

Office locations

View locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Learn more

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.

Contact

Headline