Our website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Securing the hybrid data centre

by maria

By Ian Porteous, Regional Director, Security Engineering, UK&I at Check Point Software Technologies.

Against the backdrop of the rise of the remote workforce and the growing prevalence of sophisticated attacks such as ransomware, zero day malware and supply chain attacks, CISOs have been forced to rethink their security architecture. Today, with the need for distributed applications to support their business and security needs, organisations are leveraging hybrid data centres and security architectures.

A hybrid data centre combines on-premise and cloud-based infrastructure with orchestration that allows data and applications to be shared between them over the network, enabling organisations to experience the capabilities and benefits of both. Hybrid data centres span public and private clouds and on-premise environments, and organisations that have adopted this approach need to ensure cybersecurity resilience, security visibility and ease of security management across the entire architecture.

No longer just the data centre, but also the cloud

Ultimately, the differing natures of the on-premise data centre and cloud means that organisations need to ensure security and operational parity across the entire architecture. When organisations have their own data centre architecture, it means this has been developed over a long period of time and the security controls they have in place are mature and work very well. However, when they move inside the public cloud, teams need to be aware of the shared responsibility model when it comes to securing assets. While cloud providers may provide some degree of security and have performance agreements offering some shared culpability, at the end of the day, organisations are still responsible for the data, and cannot be absolved from legal or other ramifications in the event of a cybersecurity incident.

Migrating services very quickly to the cloud can also invariably create a less resilient environment because of the specific security requirements of the cloud. Even a minute change made by the provider or the organization can affect its security posture. For example, when a business creates a data base server instance in the cloud that has direct access to the Internet, this puts the data at risk of exposure. Cloud security posture management is key, and having visibility into where the data is residing and the traffic crossing the cloud environment is important.

Effectively securing the hybrid data centre

So what should organisations consider when looking at solutions to secure their hybrid data centre? Here are six factors to take into consideration:

  • Security for hybrid data centers must be unified and offer a single interface for monitoring and managing the security of multi-cloud and on-premises assets.
  • As organizations adopt DevOps, they need security that can keep pace. This requires support for automation, including integration with CI/CD pipelines, programmatic management, automated incident response workflows, and dynamic updates that eliminate the need for humans in the loop.
  • Hybrid data centers are complex ecosystems, requiring deep and granular visibility and security management. Securing these environments requires the ability to perform in-depth traffic inspection including tailored threat intelligence, content, code and image analysis, monitoring user and app interactions, configuration changes and other account activity.
  • Cloud environments provide access to dynamic and flexible infrastructure. Securing hybrid data centers requires solutions that can grow with the needs of the business.
  • Data centers offer high availability and redundancy to support business functions. Security must provide the same guarantees to minimize disruption to operations.
  • Hybrid data center security solutions should ingest data from across the entire environment and use it to develop adaptive and context-aware security policies that ensure consistent security across the board. These policies should adapt dynamically to reflect changing configurations of the data center’s infrastructure minimizing the need for manual change controls where possible.

The modern data center and network require the flexibility of a hybrid cloud security architecture that uses automation and artificial intelligence (AI) to scale threat prevention performance on demand on premise and in the cloud, with a simplified and unified management system. Organisations should adopt a security framework that encapsulate as many security layers as possible, to reduce the possible attack or intrusion surfaces from threat actors, and to afford effective resilience actions whenever security policies are breached.