There’s no doubt that enterprise environments are growing more complex by the day. Consider the fluid nature of cloud computing and virtualization; the growing number of workloads, applications, and application types, distributed across on-premises systems and various types of cloud; and the explosion of mobile and the accelerated adoption of IoT in recent years.
Securing information systems has become dramatically more complex for enterprises. The best way to fight complexity is to optimize security.
So how can enterprises best optimize and streamline their security efforts? They need a strategy that helps the organization make risk-based decisions, and a cybersecurity risk management process that is based on reducing the risks specific to their business. One guide that helps enterprises move in that direction is the NIST Cybersecurity Framework. NIST, the standards arm of the US government, has also published many documents, known as Special Publications, that cover almost every security topic imaginable, from securing Bluetooth to big data.
For example, securing virtualized systems is a complex and important subject, and NIST Special Publication 800-125 provides great guidance on it. One of its important points is choosing hardware and software systems that are optimized to manage and secure virtualized environments. As you’ll see below, always looking for ways to streamline tools specifically for the environment is an important part of optimizing your strategy.
How should enterprises optimize security in complex environments? As they carry out their strategy, enterprises need to look for the ways they can be most effective:
Enterprises should strive to standardize on toolsets and security services
Standardization on toolsets can help drive efficiency. For example, look for security agents, such as anti-malware, configuration management, and vulnerability management agents, that work in the widest range of environments. This way teams don’t have to juggle many toolsets and interfaces. Across all security functions, look for ways to standardize as much as possible.
Look for ways to simplify security and management dashboards
The fewer consoles for managing security policies, the better. This way each location, region, operating system, and cloud is managed consistently. The fewer consoles that need to be managed, the more easily all security policies can be enforced.
Pick the right toolsets for the environment
If you have systems in the public cloud, choose platforms that are optimized for cloud. If the environment is a hybrid, with on-premises systems as well as various forms of virtualization and cloud, then look for toolsets that integrate well together.
Look for agnostic tools and services, and those that can perform multiple tasks
If you need an application security scanning tool, for instance, perhaps choose a platform that performs static, dynamic, and interactive application security testing. The same should be attempted for other types of security practices as well: anti-malware, forensics tools, and so on.
If your organization runs a continuous delivery pipeline, for instance, it’s important that tests are conducted as code moves down the pipeline. Software must be tested against its story requirements, for quality, and for potential security defects. It should also be tested when new features are integrated into the app or when the app is integrated into new systems. But security testing should also be continuous, such as continuous web application scans and manual application assessments against production systems. This way, should software flaws not be identified early, or be introduced at some later point, the ongoing scans and checks will eventually identify them. This is similar to how endpoints should be able to stop malicious software through both traditional means and behavioral monitoring.
There’s no way to properly secure systems without having a strategy in place and executing against it effectively. And the best way to execute effectively is to continuously look for ways to optimize security and system management efforts.