How to Prevent Security Breach with Better Hypervisor and Cloud Security
You don’t want to be on the wrong end of a data or security breach. The unfortunate part is that this seems to be happening more and more often. The modern data center now houses more data and information than ever before. Furthermore, new applications, mobility, and IoT are creating even more data. And, this data is valuable.
Findings from a recent Gartner report say that 2016 will be the defining year for cloud as private cloud begins to give way to hybrid cloud, and nearly half of large enterprises will have hybrid cloud deployments by the end of 2017. This growth is being driven by new IT computing scenarios being deployed using cloud models, as well as the migration of traditional IT services to cloud service alternatives.
All of this new information has also created a variety of new targets. Just look at all of the very recent events. A 2014 Ponemon study looked specifically at data breaches. The results show that a probability of a material data breach over the next two years involving a minimum of 10,000 records is nearly 19 percent. Here are two other big points to consider:
- The cost of data breach increased. Breaking a downward trend over the past two years, both the organizational cost of data breach and the cost per lost or stolen record have increased. On average the cost of a data breach for an organization represented in the study increased from $5.4 million to $5.9 million. The cost per record increased from $188 to $201.
- Malicious or criminal attacks result in the highest per capita data breach cost. Consistent with prior reports, data loss or exfiltration resulting from a malicious or criminal attack yielded the highest cost at an average of $246 per compromised record. In contrast, both system glitches and employee mistakes resulted in a much lower average per capita cost at $171 and $160, respectively.
With all of this in mind, how do you create a more secure architecture? How is security evolving to better support data center and private cloud demands? It really does, in very many cases, begin with the hypervisor. Today’s modern infrastructure is heavily virtualized with the hypervisor controlling storage, network, and even compute resources. Let’s look at some ways to better secure your VMs and the hypervisor that they sit on.
- VM isolation and multi-tenancy. Intelligent policies allow you to create powerful hypervisor architectures built around multi-tenancy. These policies can govern where users are allocated, how resources are assigned, and which VMs require isolation. Groups can be created for entire network segments where sensitive data resides. From there, you can control other VMs to ensure that traffic never mixes between the two multi-tenant environments.
- Proactive alerting and network segmentation. Catching issues before they become major problems is critical. Is there anomalous traffic? Do you need to quickly shutdown or segment a network? All of this needs to be done from a central control plane with complete visibility into the underlying workloads. At the hypervisor layer, you’re able to create alerts and even create policies around compliance to ensure the safety of your overall infrastructure. Furthermore, network segmentation can allow you to prioritize traffic patterns, isolate critical data points, and control how users access resources.
- Integrating virtual firewalls, IDS, and more. We’re now talking about integrating virtual firewalls and full intrusion detection services (IDS) directly into the hypervisor layer. These are powerful security tools to help stop malicious traffic before they impact your VMs. This is the recipe around next-generation security concepts; virtual controls helping enable your hypervisor and your cloud.
- Cloud-ready endpoint control. Border security devices are being deployed with advanced interrogation engines capable of granularly scanning all inbound devices. Checking for rooted devices, the right service pack, or even the latest A/V can all be set as interrogation points. Further control can be derived from the use of mobile/enterprise device management (MDM/EDM) solutions. Having the capability to remotely locate or wipe a stolen or lost device can be very handy. Remember, trends around IT consumerization and mobility are only going to continue growing. This means more users will be utilizing the device that helps them be most productive. It’ll be up to your data center’s next-generation security model to help delivery those resources and keep them secure.
Believe it or not – there are some very powerful security solutions which can be integrated directly into your hypervisor. These solutions are designed to keep you running both optimally and securely. Remember, as your cloud and virtual infrastructure continue to evolve, make sure you have a security solution that can be as agile as your business.