Understanding the modern security model: How to stay proactive
The importance of data and its integrity has introduced a new paradigm around cloud security and controls. Now, the loss of data can have massive repercussions for an organization. Security administrators have been tasked with keeping data safe and constantly ensuring that their cloud environment stays secure.
Now, is that possible to do 100% of the time? Probably not. But staying proactive can be an absolute lifesaver. Let me give you an example. In speaking with a friend recently, he told me that they had a part of their VPN compromised when Heartbleed happened. However, by using powerful IPS/IDS technologies, he was able to find the bots on his network hitting the impacted VPN instances. Although some credentials were leaked, the sheer speed at which he was able to catch the issues helped the very large organization prevent anything major from actually happening. He was able to block IPs, bots, and malicious services even before a fix for Heartbleed was released.
What if there was a vulnerability within a VM? How quickly can you stop traffic flow? How quickly can you stop an attack directly from your hypervisor? What can you do to maintain a proactively secured and compliant cloud model? With all of these questions in mind, let's look at a few ways to keep your cloud and virtual environment proactively secure.
- Incorporating distributed security solutions. One major aspect of cloud computing is its very distributed nature. So how do you manage security when your entire environment is so dispersed? This is where cloud security management solutions can really help out. Basically, cloud-ready security management allows you to create a multi-tenant environment capable of VM isolation, agentless AV, and even the deployment of virtual firewalls. Remember, one of the greatest features of a distributed security solution will be your ability to manage a cloud environment from one location.
- Creating “internal” security customers. Your organization has different divisions and departments, and your security solution should be flexible enough to accommodate the diversity of your business structure. This means working with a security solution capable of intelligent security segmentation. Here’s the important part: it has to happen at a VM and user level. Imagine being able to deploy an agile virtual firewall for a specific group of VMs based on their requirements or what resources they have allocated. Or, in a Microsoft environment, being able to have granular control over each virtual machine using the Hyper-V Extensible Switch (no agent required). You’re basically creating powerful, kernel-level security features within a segmented virtual infrastructure. By doing so, you create a proactive platform where issues can be caught before they spread to other segments of your cloud.
- Compliance, reporting, and auditing. One great way to stay proactive is to remain compliant with key industry requirements. Furthermore, having a good auditing practice allows you to quickly catch and remediate issues before they become major problems. Security requirements for cloud providers in a virtual environment are highly complex and must support a unique business model. Multi-tenant security must be managed by virtual machine, customer, and organizational unit, and maintaining a high quality of service level is required on a granular basis. To maintain compliance, organizations must effectively collect and audit data on each virtual machine, and control and protect intra-VM traffic. This is where an integrated security solution comes into play. Not only are you creating policies to secure your virtual infrastructure, you’re also creating good compliance, reporting, and auditing practices. With access to better reports with more granular data, you are able to know more about the security of your data and how to keep it proactively secure.
Your capability to catch a security problem before it becomes a massive issue greatly revolves around the proactive nature of your security model. Fast, agentless technologies are capable of scanning for threats before they even hit your virtual machine. Now, not only are you creating a more secure platform, you’re also improving efficiency. Maintaining granular security control at the virtual layer allows you to become more proactive and respond much faster.
Bill Kleyman, virtualization solutions architect