Securing the hybrid data centre

Against the backdrop of the rise of the remote workforce and the growing prevalence of sophisticated attacks such as ransomware, zero day malware and supply chain attacks, CISOs have been forced to rethink their security architecture. Today, with the need for distributed applications to support their business and security needs, organisations are leveraging hybrid data centres and security architectures. By Ian Porteous, Regional Director, Security Engineering, UK&I at Check Point Software Technologies.

A hybrid data centre combines on-premise and cloud-based infrastructure with orchestration that allows data and applications to be shared between them over the network, enabling organisations to experience the capabilities and benefits of both. Hybrid data centres span public and private clouds and on-premise environments, and organisations that have adopted this approach need to ensure cybersecurity resilience, security visibility and ease of security management across the entire architecture.

No longer just the data centre, but also the cloud

Ultimately, the differing natures of the on-premise data centre and cloud means that organisations need to ensure security and operational parity across the entire architecture. When organisations have their own data centre architecture, it means this has been developed over a long period of time and the security controls they have in place are mature and work very well. However, when they move inside the public cloud, teams need to be aware of the shared responsibility model when it comes to securing assets. While cloud providers may provide some degree of security and have performance agreements offering some shared culpability, at the end of the day, organisations are still responsible for the data, and cannot be absolved from legal or other ramifications in the event of a cybersecurity incident.

Migrating services very quickly to the cloud can also invariably create a less resilient environment because of the specific security requirements of the cloud. Even a minute change made by the provider or the organization can affect its security posture. For example, when a business creates a data base server instance in the cloud that has direct access to the Internet, this puts the data at risk of exposure. Cloud security posture management is key, and having visibility into where the data is residing and the traffic crossing the cloud environment is important.

Effectively securing the hybrid data centre

So what should organisations consider when looking at solutions to secure their hybrid data centre? Here are six factors to take into consideration:

•Security for hybrid data centers must be unified and offer a single interface for monitoring and managing the security of multi-cloud and on-premises assets.

•As organizations adopt DevOps, they need security that can keep pace. This requires support for automation, including integration with CI/CD pipelines, programmatic management, automated incident response workflows, and dynamic updates that eliminate the need for humans in the loop.

•Hybrid data centers are complex ecosystems, requiring deep and granular visibility and security management. Securing these environments requires the ability to perform in-depth traffic inspection including tailored threat intelligence, content, code and image analysis, monitoring user and app interactions, configuration changes and other account activity.

•Cloud environments provide access to dynamic and flexible infrastructure. Securing hybrid data centers requires solutions that can grow with the needs of the business.

•Data centers offer high availability and redundancy to support business functions. Security must provide the same guarantees to minimize disruption to operations.

•Hybrid data center security solutions should ingest data from across the entire environment and use it to develop adaptive and context-aware security policies that ensure consistent security across the board. These policies should adapt dynamically to reflect changing configurations of the data center’s infrastructure minimizing the need for manual change controls where possible.

The modern data center and network require the flexibility of a hybrid cloud security architecture that uses automation and artificial intelligence (AI) to scale threat prevention performance on demand on premise and in the cloud, with a simplified and unified management system. Organisations should adopt a security framework that encapsulate as many security layers as possible, to reduce the possible attack or intrusion surfaces from threat actors, and to afford effective resilience actions whenever security policies are breached.

Konesh®, a company that provides managed services for accounting and tax procedures, has selected Rackspace Technology to develop its cloud services infrastructure.
32 percent of manufacturing companies have achieved cloud leader status, compared to 18 percent across all other industries.
New ‘Hyper Cloud Data Centre’ in Rome will be the capital’s largest when building completes in early 2023.
Oracle Cloud Infrastructure services are now available from Oracle Paris Cloud Region in Interxion’s Paris Digital Park (IPDP), the largest data center campus in France, located less than three kilometers from Paris.
The Schneider Electric University will help data centre professionals upskill by offering free guidance on the latest technology, sustainability, and energy efficiency initiatives.
Businesses in the region can now tap into the power of the Lumen platform to deploy applications and workloads at the cloud edge.
Move ensures the news organization can support the delivery of digital content to all regions across Mexico during periods of breaking news and high traffic on the website.
Strategic agreement will enable global retailing house to create stronger omnichannel customer experiences and optimise internal supply chains through an enterprise data backbone and advanced AI/ML capabilities.