General enquiries :
+44 (0)20 7602 6000

NOW IS THE TIME TO RETHINK YOUR APPLICATION SECURITY – Part 2

Friday 1 February 2019 Virtualisation

1

Yordan Yanev's picture
By Yordan Yanev

In my first blog of this series, I talked about the increasing demand on IT departments to do more with less in the face of new threats to their networks. I also discussed how IT departments now need to think & act like cloud service providers to cope with increasing business demands.

In this blog, I’ll discuss further ways that you can protect your network.

HARDENING THE DATA CENTRE PERIMETER IS NO LONGER ENOUGH

Legacy security technologies can’t stop threats from spreading laterally after they’ve breached the data centre perimeter. Legacy security technologies that require manual deployments and configurations can’t keep pace with dynamic, distributed applications.

A modern approach to security must be just as ubiquitous and agile as the applications themselves. To create a more secure network, you must restructure your infrastructure in a way that allows all data to be protected regardless of where it sits.

The emphasis on traditional data centre network security has been almost exclusively on protecting the perimeter. This model offers little or no protection against the most common threats that originate inside the perimeter, spread throughout the data centre and effectively nullify the strong security around it. These attacks could be very damaging and costly for your business.
 

Sophisticated and targeted attack vectors, methodologies and technologies can exploit apps & data and lead to data breaches or outages with an average cost of around £700,000.

Nowadays, ensuring the security of digital assets, applications and data is probably the biggest pain your team has – and that never goes away. Historically, a common behaviour across most organisations has been to spend huge upfront CapEx sums into perimeter security solutions such as firewalls and appliances for intrusion detection, assuming that this will prevent breaches and keep the threats away.

Well, as I said earlier, we can see that this model does not work anymore, as the attacks have multiplied and have become more sophisticated.
Aside from this, the modern data centre architecture landscape is evolving at a rapid pace with the adoption of the software-defined data centre, multi-cloud, mobile computing devices and IoT. An ideal security solution should protect traffic flows through both internal and external networks, allowing only the traffic flows required for business application function. This is called the zero-trust model -  a traditional perimeter firewall lacks the ability to provide this level of security.

As more businesses take advantage of the public cloud, they often expect that agility will follow. But without a unified foundation, the cloud can make your IT operations even more complex and slow down service delivery.

What’s needed is the ability to simplify network & security operations. We need to define a new model for the digital enterprise where we can:

• move networking & security into software and truly simplify management & operations

• create a consistent, multi-cloud infrastructure that is seamless, easy to manage, secure and highly available

• leverage internal resources together with public cloud services

• focus on innovation, and still ensure that disaster events don’t disrupt productivity
 

NETWORKING AND SECURITY IN SOFTWARE SIMPLIFIES CLOUD ADOPTION

When network & security operations are abstracted from underlying hardware & services and delivered entirely in software, you are no longer dependent on manual interventions. This allows delivery of these services becomes fast and streamlined.

Critical services, such as switching, routing, firewalling and load balancing now live closer to individual applications, which gives you more visibility and control. This enables levels of agility, security and economics that were previously impossible with legacy network and security services based in hardware.
 

Virtualising your network ensures consistent connectivity and security across your business. It provides the flexibility & programmability that you’ll need to adapt as customers, businesses and technology evolve.

Instead of struggling to keep up with multiple data centres and clouds, you’ll be able to bring consistency across all your sites and a level of automation that simplifies day-to-day operations. Applications can be run closest to the point of use, improving both response time and user experience, while VMs and entire data centres can be migrated with zero downtime.

This will give your team the freedom and control to connect & secure applications across multiple clouds with consistent networking & security. It also uses automation to streamline management and operations, allowing for more strategic approaches to delivering services to the business.

In the final blog of this 3 part series, I’ll be looking at how you reduce the ‘attack surface’ of your network and how changing requirements call for new solutions.
 

If you want more information on any of the above then contact us now or call us on +44 (0)20 7602 6000.

In this second instalment, Yordan discusses further ways you can protect your applications and the benefits of virtualisation.

NOW IS THE TIME TO RETHINK YOUR APPLICATION SECURITY – Part 2

Comments

Add new comment