Understanding security challenges and how to stay proactive


By: Bill Kleyman|

The importance of data and its integrity has introduced a new paradigm around cloud security and controls. Now, the loss of data can have massive repercussions for an organization. Security administrators have been tasked with keeping data safe and constantly ensuring that their cloud environment stay secure.

Now – is that possible to do 100% of the time? Probably not. But staying proactive can be an absolute life saver. Let me give you an example — In speaking with a friend recently, he told me that they had a part of their VPN compromised when Heartbleed happened. However, in using powerful IPS/IDS technologies – he was able to find the bots on his network hitting the impacted VPN instances. Although some credentials were leaked, the sheer speed at which he was able to catch the issues helped the very large organization prevent anything major from actually happening. He was able to block IPs, bots, and malicious services even before a fix for Heartbleed was released.

What if there was a vulnerability within a VM? How quickly can you stop traffic flow? How quickly can you stop an attack from directly from your hypervisor? What can you do to maintain a proactively secured and compliant cloud model? With all of these questions in mind – let’s look at a few ways to keep your cloud and virtual environment proactively secure.

  • Incorporating distributed security solutions. One major aspect of cloud computing is its very distributed nature. So how do you manage security when your entire environment is so dispersed? This is where Cloud Security management solutions can really help out. Basically, cloud-ready security management allows you to create a multi-tenant environment capable of VM isolation, intelligent security policies, and even the deployment of virtual firewalls. Remember, one of the greatest features of a distributed security solution will be your ability to manage a cloud environment from one location.
  • Creating “internal” security customers. Your organization has different divisions and departments – your security solution should be flexible to accommodate the diversity of your business structure. This means working with a security solution capable of intelligent security segmentation. Here’s the important part – it has to happen at a VM and user level. Imagine being able to deploy an agile virtual firewall for a specific group of VMs based on their requirements or what resources they have allocated. Or, being able to have granular control over each virtual machine using your cloud ecosystem. To secure your internal customers – you have to look at technologies which enable security within a segmented virtual infrastructure. By doing so, you create a proactive platform where issues can be caught before they spread to other segments of your cloud.
  • Compliance, reporting, and auditing. One great way to stay proactive is to remain compliant with key industry requirements. Furthermore, having a good auditing practice allows you to quickly catch and remediate issues before they become major problems. Security requirements for cloud providers in a virtual environment are highly complex and must support a unique business model. Multi-tenant security must be managed by virtual machine, customer, and organizational unit, and maintaining a high quality of service level is required on a granular basis. To maintain compliance, organizations must effectively collect and audit data on each virtual machine—and control and protect intra VM traffic. This is where an integrated security solution comes into play. Not only are you creating policies to secure your virtual infrastructure – you’re also creating good compliance, reporting and auditing practices. In having access to better reports with more granular data, you are working with the capability of knowing more about the security of your data – and how to keep it proactively secure.

Your capability to catch a security problem before it becomes a massive issue greatly revolves around the proactive nature of your security model. Intelligent security technologies are capable of scanning for threats before they even hit your virtual machine. Now, not only are you creating a more secure platform – you’re also improving efficiency. Maintaining granular security control at the virtual layer allows you to become more proactive and respond much faster.


Topics: , ,

About The Author

Bill Kleyman

Vice President of Strategy and Innovation at MTM Technologies

Bill is an enthusiastic technologist with experience in datacenter design, management, and deployment. His architecture work includes large virtualization and cloud deployments as well as business network design and implementation. Bill enjoys writing, blogging, and educating colleagues around everything that is technology. During the day, Bill is the Vice President of Strategy and Innovation at MTM Technologies, where he interacts with enterprise organizations and helps align IT strategies with direct business goals. Bill’s whitepapers, articles, video blogs and podcasts have been published and referenced on InformationWeek, NetworkComputing, TechTarget, DarkReading, Data Center Knowledge, CBS Interactive, Slashdot, and many others. Most recently, Bill was ranked #16 in the Onalytica study which reviewed the top 100 most influential individuals in the cloud landscape, globally.

Articles by Bill Kleyman
See All Posts