Bitdefender’s Liviu Arsene looks at securing hybrid infrastructure, telling CBR that hybrid cloud security is indeed achievable.
The financial and operational benefits presented to IT decision makers by hybrid cloud implementations have made this technology phenomenon hard to ignore. At the same time, CIOs and CSOs remain concerned about the security challenges raised by hybrid infrastructures, with at least half (50 percent) of them expressing concern and deep concern regarding how the security aspect can be managed, according to a recent Bitdefender survey.
Backups and virtual machine (VM) snapshots, deployed across hybrid infrastructures, are a major concern for 57 percent of respondents. In addition, a further 54 percent also suggest that the security of in-transit data is another major concern. These fears surrounding hybrid cloud implementations are well placed, as securing this infrastructure requires additional IT skills, knowledge and thinking.
First Things First – Endpoint Security
Both physical and virtual endpoints need security solutions. However, security solutions for virtual endpoints have completely different requirements: they need to prove minimal performance impact (e.g. RAM, CPU) on the VM, as increased resource consumption also increases costs. Thankfully, some security vendors offer minimal VM performance impact and a high security standard through offloaded scanning or hypervisor introspection technologies that guarantee the integrity of the VM.
Because public cloud providers are mostly committed to offering infrastructure availability, it’s up to each customer to manage the security and configuration aspects of that infrastructure. That’s why a centralised security management console, that can report security aspects from both public and private infrastructure, is worth considering. Managing the security of a hybrid cloud should not be obstructed by fragmented security management consoles, because this will again increase operational costs.
Data Redundancy and SLAs
Business continuity is critical and backups can help an organisation recover a lot faster in case of natural disasters, software malfunctions and cyber attacks. This makes data redundancy a critical aspect of securing hybrid infrastructure and mitigating security risks. After all, having data distributed across more than one datacenter makes a lot more sense than putting all your eggs in one basket, so to speak.
Having a properly created service-level agreement (SLA) in place is essential too. The right SLA will ensure that your chosen public cloud service provider matches the availability and performance of the private cloud. This is important because it will define what services and data a company can place in the public cloud. Managing security risks associated with a hybrid cloud also involves dealing with SLAs and knowing how data is stored and transported across infrastructures.
Encryption and Access Control
Because hybrid infrastructures sometimes require data to move fluidly between private and public clouds, encryption is vital both at rest and in transit. Data stored in either the public or the private cloud must always be encrypted, and in-transit data protected by reliable virtual private networks (VPNs) and strong authentication.
Of course, controlling access to mission-critical data and services is also recommended, as some information could be sensitive enough only to be handled by a handful of people. To that end, access control lists (ACL) and certificate-based authentication can also boost security while allowing IT departments to easily manage access permissions for either individual employees or groups of employees.
Security Risk Assessment
Because hybrid infrastructures rely on a wide range of applications and communication protocols for seamless data availability, visibility into network traffic becomes a security concern. Intrusion detection and protection systems, along with log monitoring, network traffic introspection and SIEM (Security Information and Event Management), allow for better handling and investigation of network anomalies and security risks.
However, because some organisations might have a large pool of physical and virtual appliances, from software to fragmented hardware such as IoT sensors, the level of granularity offered by these tools can sometimes overwhelm IT administrators. Machine learning algorithms, commonly referred to as artificial intelligence, are great at parsing large quantities of data and spotting anomalies.
Since hybrid infrastructures are undoubtedly difficult to assess from a security perspective, security-trained machine learning algorithms can help identify potential risks and threats pertaining to hybrid infrastructures. Behaviour analytics and anomaly detection are practical applications for machine learning algorithms and can add an extra layer of security visibility to hybrid infrastructures, better than traditional security mechanisms and tools.
Hybrid Cloud Security is Achievable
Despite the concerns of CIOs and CSOs over the breadth of security challenges they may face when implementing hybrid infrastructures, securing them is not impossible. Adhering to good practices, focusing on privacy and critical data identification, and constantly testing and re-evaluating security capabilities are vital in building and maintaining the security of hybrid cloud deployments.
While it may seem like a lot of effort, operational and financial benefits could sway decision makers towards embracing hybrid infrastructures. Rapid business growth is a persuasive argument in going hybrid, rather than supporting and managing a fully on-premise cloud – as long as it’s done with security in mind.