Protecting Your Agile Data Center: You Can't Fight the New War With Old Tools

Protecting Your Agile Data Center: You Can't Fight the New War With Old Tools

Data infrastructure and function has experienced a paradigm shift with the enterprise progressing steadily in the age of cloud, apps and mobility, marking the end of the “perimeter” era for the computing environment. Yesterday’s firewalls are no longer a solution for today’s agile data center and securing information has become more difficult than ever. Especially as cyber criminal activities continue to evolve and traditional methods of protection become obsolete, it behooves CIOs and CISOs to find a new solution to protect the data center and the critical information assets it houses.

Data infrastructure and function has experienced a paradigm shift with the enterprise progressing steadily in the age of cloud, apps and mobility, marking the end of the “perimeter” era for the computing environment. Yesterday’s firewalls are no longer a solution for today’s agile data center and securing information has become more difficult than ever. Especially as cyber criminal activities continue to evolve and traditional methods of protection become obsolete, it behooves CIOs and CISOs to find a new solution to protect the data center and the critical information assets it houses.

Legacy technology can only tell you that someone on your network is using Google Apps or deploying a service on AWS, but there needs to be a way to see more precisely what information is downloading, what data is being accessed, where the previously unplanned entrances are, and so on. Organizations need to be able to determine what traffic is ‘good’ or ‘bad’ from within it’s computing environment or risk facing the consequences.

But with the proliferation of the cloud, mobile, and Internet of Things (IoT), information continues to be virtualized and mobilized, and blind spots unknowingly created, sitting undetected and vulnerable to new attack vectors. Static protection is no longer adequate and many emerging agile cloud-based products can’t monitor laterally moving traffic within virtual environments. So what will be the next step in solving this problem – is it about the current solutions or rather a better approach to solve this problem?

The New Frontier

Transferring data across multiple cloud environments, mobile devices, and different data centers appears to be simple and cost effective, however, protecting and auditing these solutions is complex. Information has taken new life as a dynamic feature without boundaries, and growing trends, like virtualization along with the six billion mobile devices attached to the Internet, speak to how computing is now outside of the data center. CIOs should embrace these emerging trends in order to stay competitive, particularly as adoption of new technology continues to move faster than ever before. By embracing virtualization technologies, the agile data center evolved and now it is time for CIOs to do the same.

Unfortunately, when the move towards this model occurred, there was a decomposition of applications coupled with the ability to move workloads in near real-time from VM to VM. This development resulted in an environment of commingled servers and services – sometimes on the same machine and others on different machines connected via virtualized applications. It’s a good system but it lacks one thing – visibility into traffic patterns that are now shifting inside the data center, often referred to as ‘east / west’ traffic. It’s not enough to have safety parameters like load balancers, firewalls and analytics engines because they lose utility in environments lacking perimeters and entirely miss what’s happening within the network. Before organizations are able to truly harness the new trends and technologies, organizations must solve the multi-dimensional issue of building information security and compliance controls as traditional methods of data safekeeping persist in their shortcomings.

Defending the Agile-Data Center with Distributed-Based Solutions

Principally, IT Operations analysts have to see the laterally moving traffic and data on their network – whether on-premise or in the cloud – not just where they think the traffic, visitors and data should be, but everywhere data is stored, processed, or transmitted. This must be achieved even as applications, devices, servers and clouds are spun up, or decommissioned.

While most security technologies have not evolved over the past decade to meet this need, new cloud-based security technologies designed for the virtual, mobile and automated environments will protect data that old solutions fail to even see. They will be key as security threats now occur through multiple vectors and go undetected for months. A recent report from Mandiant found that advanced malware attacks now live inside the enterprise for an average of 243 days before detection.

By providing a more efficient and cost effective method for CIOs and CISOs to monitor growing, widespread traffic, IT teams can focus on leveraging new cloud-based technologies and applications that will liberate their workforce to engage with them when and how they like – without fear of exposure.

A piece of advice to the CIOs and CISOs running today’s enterprises:

  • The perimeter is gone – Securing an application or a server is the wrong way to go. Information Security has now become a comprehensive issue, which needs to be driven from the Board of Directors and Executives throughout the organization.
  • Better visibility – You can’t protect what you can’t see. Being able to visualize traffic externally and internally in your data center environment is critical. Knowing where your data is stored, processed, or transmitted will assist in identifying potential blind spots.
  • Rethink your approach – You can’t fight a new war with old tools – it’s imperative you review emerging technologies that will provide you the opportunity to understand what happens when cyber criminals access your computing environment.

Demetrios Lazarikos is the IT Security Researcher and Strategist at Blue Lava Consulting.