Shifting Boundaries Require a New Approach to Data Center Protection

Trends Including Virtualization, Bring-Your-Own-Device and Cloud Computing are Making Data Center Security Increasingly Complex.

As an IT security administrator in today’s world it’s easy to feel as if you’re losing control over your domain. Trends such as virtualization, bring-your-own-device (BYOD) and cloud computing remove the traditional boundaries that have defined what you need to protect. The comfort of the four walls of the enterprise no longer exists and protecting what’s at the core – the data center – is becoming increasingly complex. Let’s take a closer look at these trends and the threats they can present to the data center.

Virtualization: While virtualization promises a host of benefits including reduced operating costs, increased flexibility and energy savings, organizations are only realizing partial benefits due to security concerns. To minimize risk, many organizations have taken a ‘siloed’ approach to deployment where each business application or functional area gets its ‘own’ virtualized environment. However, expansion beyond compartmentalized server virtualization into areas like cross-functional applications – even those that access sensitive data – is on the horizon. A “2011 Virtualization and Evolution to the Cloud Survey” conducted by Applied Research shows growth in 2012 beginning with Web, database and email applications followed by business-critical applications like HR, accounting and ERP. To support this broader adoption and enable organizations to more fully realize the benefits of virtualization, protections and controls similar to those in the physical server world are key.

BYOD: The trend of bringing personal devices, such as smartphones and tablets, to work shows no sign of abating and the impact on the data center is significant. The “2011 Consumerization of IT Study” conducted by IDC found that 40% of IT decision makers say that workers access corporate information from employee-owned devices, but in stark contrast more than 80% of employees indicated they access corporate networks this way. To protect their corporate assets organizations need to close this gap with appropriate security controls, policies and processes.

Cloud computing: For cost-savings and operational efficiencies a large majority of organizations are now moving at least some business activities to the cloud. According to Gartner’s Worldwide Forecast, 2010-2015, Software as a Service (SaaS) is projected to reach $21.3 billion by the end of 2015. With so many applications migrating to the cloud, IT organizations have a lot less control over application usage and versions and a greater potential for vulnerabilities.

Despite these trends and the shifting boundaries they create, you can still exert control—you just need to do so at different levels and in different ways. Following are some guidelines you can use to maintain defenses.

Network layer: Identify technologies that provide deep network visibility and enable you to see all of the devices connected to your network, including such things as mobile devices, network infrastructure, virtual machines and client-side operating system/browser versions. With visibility comes control. Being able to see and understand the risks and vulnerabilities allows you to put policies in place to protect corporate assets.

Application layer: Visibility into applications running both inside the organization and outside from the cloud provides deeper understanding into which applications the business is using, what individuals are using and what is being accessed through a SaaS model. With this knowledge you can understand potential threats to the data center and institute policies to put controls in place that reduce the attack surface. For example, you may find that half of the applications aren’t business related and you can prevent their use. The same is true of applications on employee-owned devices. While you may not be able to limit the installation of an application on the device, you can prevent it from accessing corporate-owned computers or data.

Virtualization: Consider solutions that provide threat visibility between virtual machines (VMs) on the same host and the ability to inspect/protect virtual networks. As organizations take greater advantage of the benefits of virtualization, for example through Virtual Desktop Infrastructure (VDI), application virtualization and support for the dynamic data center, eliminating blind spots and enabling the same level of protection as in the physical world are critical.

Enterprise class management: Centralized security management is extremely difficult to achieve in highly distributed environments. Most vendors offer disparate security solutions for each technology area (mobile, cloud, and virtual) with disparate management systems. Identify solutions that can provide visibility across the entire spectrum of devices and applications and also consolidate management and streamline security policies of physical and virtual infrastructure.

Virtualization, BYOD and cloud computing are here to stay—the efficiencies are too great to ignore. Although you may feel like you’re losing control of the data center as boundaries shift, there’s no reason for that to happen. Technologies that help you see beyond the walls enable you to evolve your security practices in lock step with these trends and maintain control.

Marc Solomon is Chief Marketing Officer at ThreatQuotient. He has a strong track record driving growth and building teams for fast growing security companies, resulting in several successful liquidity events. Prior to ThreatQuotient he served as VP of Security Marketing for Cisco following its $2.7 billion acquisition of Sourcefire. While at Sourcefire, Marc served as CMO and SVP of Products. He has also held leadership positions at Fiberlink MaaS360 (acquired by IBM), McAfee (acquired by Intel), Everdream (acquired by Dell), Deloitte Consulting and HP. Marc also serves as an Advisor to a number of technology companies, including Phantom Cyber.