Span Of Control: Securing The Hybrid Cloud

The hybrid-cloud market is expected to more than double to $97.64 billion by 2023 from $44.60 billion in 2018, growing at a CAGR of 17 percent, as organizations are increasingly drawn to the agility, scalability and cost effectiveness of hybrid clouds. Coupled with the ever increasing demand for computing power, the hybrid market is expected to open new avenues for organizations of any size that aim to reduce their total cost of ownership (TCO) for hardware and software as well as to enjoy high flexibility. Analysts expect rapid adoption of the hybrid cloud by businesses in banking, financial services and insurance, as governance, security and compliance are major drivers of business continuity and growth.

With enterprises adopting a multicloud strategy, and many of them using hybrid cloud as a dominant strategic approach, the benefits of hybrid clouds are unrealizable without also considering security. Here’s what you need to know to successfully secure the hybrid cloud and maintain a secure span of control.

Central Security Manageability and Consistent Policy Enforcement

An effective security posture for hybrid clouds revolves around visibility into every system across the multicloud environment. Chief information security officers (CISOs) and decision makers agree that the lack of visibility into end points and workloads is one of the biggest issues, along with deploying adequate security controls.

Central security manageability and consistent policy enforcement across the hybrid cloud enables visibility, and it allows organizations to paint a full security picture of their entire infrastructure from a single control panel. It can also improve the agility of security operations across their entire heterogeneous infrastructure. Identifying vulnerable software, deploying patches and fully understanding how potential threats target the infrastructure is crucial to organizations seeking to increase their cyber resilience.

When Creditsafe, one of the world’s most used suppliers of online company credit reports, was looking for a security solution, it determined it must be able to provide visibility and reporting of outbreaks as well as maintain performance and high virtualization density for optimal efficiency. Experts recommend that all financial-services organizations conduct proof-of-concept trials against multiple security vendors when facing the challenge of securing and managing their hybrid infrastructures, because not all security solutions deliver sufficient performance and support for heterogeneous virtual environments. It’s important to factor in how the security solution will affect consolidation ratios, how quickly it scales, how effective it is at protecting against new and unknown threats, and whether it’s hypervisor agnostic.

Security Automation

Security automation is something many organizations look for but few successfully implement. The reason is that few adhere to an agile approach, such as gradually implementing automation principles to security problems, when automating security. Rushing to deploy an all-in-one security-automation project is never recommended. Although some estimate the security-orchestration industry will reach $1.6 billion, the main reason organizations pursue security automation and orchestration is the increased productivity they think they can squeezed from IT-security staff. Security automation and orchestration can also help enhance the response time, knowledge and experience of security professionals while offloading repetitive tasks.

The main challenges to successfully implementing security automation, however, revolve around integration with legacy tools, multivendor solutions with no holistic approach, poor scalability, high complexity in security and IT architectures, and lack of skilled security staff.

"IDC predicts that by 2020, 30 percent of security spending will be on vendors that provide an integrated platform approach to security," said Sean Pike, program vice president for IDC's Security Products and Legal, Risk, and Compliance programs. "This shift will happen partly because of budget, but mostly because of complexity. Reducing complexity by moving to integrated platforms, whether in the cloud or on premises, supporting a hybrid environment, also provides the potential for enhanced security as companies will make gains in manageability and automation."

Support for Heterogeneous Virtual Environments

Today’s dynamic and heterogeneous virtual data centers run a wide range of operating systems, from Windows to Linux to Solaris, as well as servers and virtual desktops from a mix of virtualization vendors. The hybrid cloud is a peculiar beast, and securing it requires a solution that can maximize the data center’s return on investment as well as deliver out-of-the-box integration with everything without sacrificing performance, security or visibility and without affecting consolidation ratios.

Few options exist to address these challenges and deliver resource-efficient security for any hypervisor and operating system. The role of security tools that can manage these heterogeneous environments and tie them into a one-stop security console has never been more important. With IT and security teams understaffed, overburdened and overwhelmed, security must fill in the gap and reduce administrative overhead by providing integration and manageability through a simplified deployment and configuration process capable of automatically morphing and adapting to each environment.

Support for Virtual-Machine Portability

Virtual-machine (VM) portability is fundamental in hybrid-cloud infrastructures, as it allows organizations to move virtual workloads from one cloud-service provider to another, or between public and private data centers, without significant service downtime. Virtual-machine portability—the ability to move a VM to another physical location if the local server lacks the resources—raises security concerns.

Regardless of whether they're persistent or nonpersistent, VMs should always be protected by a security solution, and security policies should move with them. Transferring less loaded virtual machines to other hosts or spinning up new VMs to handle load spikes should occur seamlessly in a data center, but performance and usability shouldn’t suffer. For both persistent and nonpersistent VMs, a security solution must support VM portability, automatically and instantly applying role-based security policies as soon as the hybrid cloud adds or defines new workloads.

The financial-services industry has embraced digital transformation with open arms; some studies reveal 85 percent of banks are making it a priority for 2018. Quilvest (Switzerland), a leading global wealth manager in Europe, Asia and Latin America that has nearly 320 employees and manages more than $29 billion in assets, recently and steadily moved toward virtualizing its infrastructure. Using Microsoft Hyper-V, Citrix XenServer, and VMware ESXi hypervisors, as well as Citrix XenDesktop and XenApp solutions for desktop and application virtualization, it required a layered next-generation security architecture for protecting its physical and virtual workstations and servers.

After deploying a security solution that met its demands, Quilvest saw considerable benefits, including a seven-percent increase in hardware performance, reduced capital expenditures from the postponement of additional hardware purchases, an estimated 10 percent lower security-related ticket volume, and protection from advanced cyberthreats across its entire infrastructure.

Flexible Licensing Models

Any security solution that has flexible licensing models will have financial advantages. Just as hybrid infrastructures have specific security needs, security licensing should follow the same principles, as not all infrastructures are equal in terms of running environments—both physical and virtual.

Flexible security licensing allows organizations to plan operational costs on the basis of requirements. For example, why purchase licenses that you stockpile and never use when you can simply acquire and release them as needed? This flexibility enables organizations to scale organically rather than commit financially to something they might not need or fully use. But managing the licensing inventory by adding new licenses or removing unused ones as the infrastructure scales should also be a streamlined process that’s transparent to IT departments and security teams.

In the end, securing the hybrid cloud should be about having complete visibility over the organization’s security posture, with security being an enabler for the hybrid cloud’s benefits.

About the Author

hybrid cloud>Liviu Arsene is a Global Cybersecurity Analyst for Bitdefender and has a strong background in security. He has worked closely with cross-company development teams, as his past product-manager role involved understanding Bitdefender’s technology stack.

Reporting on global computer-security trends and developments, he focuses on malware outbreaks and security incidents while coordinating with technical and research departments. His passions revolve around innovative technologies and gadgets, centering on their security applications and long-term strategic impact. When he’s not online, he’s either swimming or jogging.

Source :

Thanks for visit my website
Span of Control: Securing the Hybrid Cloud
Securing the federal hybrid cloud
Cisco, Amazon marriage simplifies hybrid cloud app development
Univa Accelerates Enterprise Migration of HPC Workloads to the Cloud
Cavirin Auto-Remediation Workflows Help Hybrid Cloud Enterprises Maintain Golden Security Posture
QTS Hybrid Colocation Chosen to Power TruBridge HIPAA Compliant Cloud Infrastructure
SonicWall secures hybrid clouds to include zero-touch deployment, secure SD-WAN for enterprises, SMBs
Future of Dedicated hosting in the cloud era
Hybrid Cloud Storage Buying Guide
SonicWall secures hybrid clouds by simplifying, enhancing deployment for enterprises and SMBs