Securing the hybrid data centre

Against the backdrop of the rise of the remote workforce and the growing prevalence of sophisticated attacks such as ransomware, zero day malware and supply chain attacks, CISOs have been forced to rethink their security architecture. Today, with the need for distributed applications to support their business and security needs, organisations are leveraging hybrid data centres and security architectures. By Ian Porteous, Regional Director, Security Engineering, UK&I at Check Point Software Technologies.

A hybrid data centre combines on-premise and cloud-based infrastructure with orchestration that allows data and applications to be shared between them over the network, enabling organisations to experience the capabilities and benefits of both. Hybrid data centres span public and private clouds and on-premise environments, and organisations that have adopted this approach need to ensure cybersecurity resilience, security visibility and ease of security management across the entire architecture.

No longer just the data centre, but also the cloud

Ultimately, the differing natures of the on-premise data centre and cloud means that organisations need to ensure security and operational parity across the entire architecture. When organisations have their own data centre architecture, it means this has been developed over a long period of time and the security controls they have in place are mature and work very well. However, when they move inside the public cloud, teams need to be aware of the shared responsibility model when it comes to securing assets. While cloud providers may provide some degree of security and have performance agreements offering some shared culpability, at the end of the day, organisations are still responsible for the data, and cannot be absolved from legal or other ramifications in the event of a cybersecurity incident.

Migrating services very quickly to the cloud can also invariably create a less resilient environment because of the specific security requirements of the cloud. Even a minute change made by the provider or the organization can affect its security posture. For example, when a business creates a data base server instance in the cloud that has direct access to the Internet, this puts the data at risk of exposure. Cloud security posture management is key, and having visibility into where the data is residing and the traffic crossing the cloud environment is important.

Effectively securing the hybrid data centre

So what should organisations consider when looking at solutions to secure their hybrid data centre? Here are six factors to take into consideration:

•Security for hybrid data centers must be unified and offer a single interface for monitoring and managing the security of multi-cloud and on-premises assets.

•As organizations adopt DevOps, they need security that can keep pace. This requires support for automation, including integration with CI/CD pipelines, programmatic management, automated incident response workflows, and dynamic updates that eliminate the need for humans in the loop.

•Hybrid data centers are complex ecosystems, requiring deep and granular visibility and security management. Securing these environments requires the ability to perform in-depth traffic inspection including tailored threat intelligence, content, code and image analysis, monitoring user and app interactions, configuration changes and other account activity.

•Cloud environments provide access to dynamic and flexible infrastructure. Securing hybrid data centers requires solutions that can grow with the needs of the business.

•Data centers offer high availability and redundancy to support business functions. Security must provide the same guarantees to minimize disruption to operations.

•Hybrid data center security solutions should ingest data from across the entire environment and use it to develop adaptive and context-aware security policies that ensure consistent security across the board. These policies should adapt dynamically to reflect changing configurations of the data center’s infrastructure minimizing the need for manual change controls where possible.

The modern data center and network require the flexibility of a hybrid cloud security architecture that uses automation and artificial intelligence (AI) to scale threat prevention performance on demand on premise and in the cloud, with a simplified and unified management system. Organisations should adopt a security framework that encapsulate as many security layers as possible, to reduce the possible attack or intrusion surfaces from threat actors, and to afford effective resilience actions whenever security policies are breached.

Research finds signs of mounting business disquiet as the hyperscalers prioritise profits over user-friendly billing tools.
A large surge in data centre supply across the FLAP market and an anticipated record-breaking year overall means facility operators must explore distributed energy solutions to avoid potential disruption from under-strain power grids.
Equinix has opened its first Co-Innovation Facility (CIF), located in its DC15 International Business Exchange™ (IBX®) data centre at the Equinix Ashburn Campus in the Washington, D.C. area. A component of Equinix’s Data Centre of the Future initiative, the CIF is a new capability that enables partners to work with Equinix on trialling and developing innovations. These innovations, such as identifying a path to clean hydrogen-enabled fuel cells or deploying more capable battery solutions, will be used to help define the future of sustainable digital infrastructure and services globally.
Newly-formed 11:11 answers cloud market’s call for a single, trusted vendor to manage and monitor hybrid infrastructure.
BT and Rackspace Technology have formed a partnership agreement to transform BT’s multinational customers’ cloud services.
Mainstream adoption of artificial intelligence and increased equipment integration also likely, according to Vertiv experts.
As the world increasingly turns its attention to the action required to limit the damage being done to the environment by human activity, the data centre sector is getting to grips with the role it must play in reducing carbon emissions. Energy consumed by data centres is attracting more attention as a matter of concern, as global computing capacity continues to rapidly increase. Already, data centres use an estimated 200 terawatt hours (TWh) each year, more than the national energy consumption of some countries.
Veritas Technologies has published the findings of new research highlighting the damage that workplace blame cultures are having on the success of cloud adoption. Veritas found that UK businesses are losing critical data, such as customer orders and financial data, because office workers are too scared or too embarrassed to report data loss or ransomware issues when using cloud applications, such as Microsoft Office 365.