When it comes to enterprise security, cloud was supposed to help simplify security efforts. But it didn’t turn out that way. Today, the typical large enterprise has its legacy environments, public clouds, private clouds, private hosted clouds, and various hybrid flavors of each to secure. And within those systems applications are becoming containerized, and broken into many different discrete services. All of this is not only fundamentally changing the way enterprises must secure their environments, but also significantly increasing the complexity in doing so.
The answer to keeping security in tune with the changing environment is to ensure security is continuously in step with the rest of the IT band by continuously updating security technology, processes, and polices as the environment changes.
Easier written in a blog post than done. Nonetheless, security needs to be optimized to protect the technology and architecture it is securing. When it comes to growing software-defined environments it means security must be software-defined. It’s no longer adequate for security to be so focused on the perimeter of the network with firewalls and the DMZ. It was all about protecting the network at its edges. Security needs to be able to scale and flow as clouds scale, as containers are deployed, and as microservices are created and deployed.
As we’ve discussed over the years, the best ways to achieve this is through automation. Previously, we spoke about how, in the software-defined data center just as network, application, and workload management are automated, security has the potential to greatly improve through centralized control of all security capabilities, as well as automated updating and adaptive responses. When managed properly, such “software-defined” security can do things like update security policies more rapidly and in a more uniformed way than in legacy data centers. Security patch updating, for instance, becomes nearly instantaneous.
Also, security in software-defined environments must change as systems are changed – in real time. As all applications, servers, configurations change then security settings, controls and overall security posture must adjust. As new workloads, containers, and microservices go into service they must be vetted and monitored based on their risk and business value, whether it is minimal risk, elevated risk, or regulated data.
Which brings us up to the next challenge: as environments become even more agile and software-defined with containerization and microservices, how do enterprises continue to keep their environments secure?
When it comes to securing containers, just as securing virtual workloads, visibility and securing at runtime is key. For containers and their hosts, they need to be assessed before they are launched and while they are running. This way, any container that attempts to run with older software can be identified and updated quickly. Just as with securing any endpoint or server, enterprises must also keep an eye on the processes running within containers, so to make certain malware isn’t attempting any shenanigans that will lead to trouble.
Also, just as east-west (internal) traffic is a challenge to monitor and secure on software-defined data centers, the same is true for containerization and intra-network hosts must be monitored for dubious activity. We provided more on what needs to be done to secure containers, Five keys to consider when securing containers.
When it comes to securing microservices, it becomes more about traditional software development security, as the key to securing microservices is good secure coding hygiene – vetting code as its being developed for potential service related errors, and much of that is up to what developers do in their development environments. And, of course, developers are going to make errors and let some insecure code slip by — so microservices need to be regularly, if not continuously, checked while running in production.
Just as how security had to become more nimble and automated as enterprises moved from traditional environments to cloud, the speed of IT systems is accelerating now as enterprises continue to virtualize, and also embrace containerizations and microservices. Security must keep pace.