Subscribe to Email Updates

Subscribe

20013035013_e397ceaf2b_b.jpg

The balancing act of IT: Retaining control over a distributed IT

By Liviu Arsene on Aug 07, 2017 | 0 Comments

Digitalization has brought new opportunities for companies and new challenges for IT teams. If legacy data centers were built around vendor-specific hardware, requiring dedicated manpower and software for maintenance, hyperconvergence (HCI) and today’s software-defined data centers (SDDC) introduce a new abstraction layer that turns hardware into a commodity.

As data, applications and users move outside the network to providers, clouds and hybrid clouds, organizations face the challenge of finding a security solution built for agility, performance and seamless integration without sacrificing the overall security posture of the organization. The new corporate IT landscape now comprises everything from mobile devices to virtual endpoints and cloud platforms that all need to integrated, managed and secured with minimum capital expenditures and operating expenses.

Software-defined data centers and hybrid infrastructures require away of running IT operations that’s based on complete infrastructure visibility, agility and scalability. With virtualization playing a vital role, balancing these requirements from a security perspective is not only challenging for traditional security solutions, but sometimes not feasible for IT managers. Distributed IT infrastructures attributed to SDDCs may sometimes grow the attack surface for cybercriminals and leave the company unprepared and unequipped to timely identify itself from a threat and plug it.

With a high-than-ever risk of downtime and data loss, organizations are looking for streamlined IT management solutions that bridge the gap between distributed and diverse IT environments. Security solutions built to accommodate these hyperconverged infrastructures need to be out-of-the-box compatible with virtualization and SDDC technologies, while offering automatic security provisioning and deployment. Since SDDCs are built on automation, agility and streamlined management, security needs to become an enabler and not an inhibiter for these digital infrastructures. Anything short of that in terms of security, and security incidents and data breaches will become not just a challenge to identify and plug, but also a serious concern for the company’s business sustainability.

Agile by design, hyperconverged infrastructures are all about fast automatic provisioning and simple centralized monument, enabling IT admins to retain control over distributed networks and the overall infrastructure stack. The same type of overview and control over the company’s security posture needs to be employed by a security solution that’s built for SDDCs and HCIs. Linear scalability and support for multi-hypervisor environments should allow an effective security solution to sustain the high virtualization density and performance employed by these new digital infrastructures.

Interoperability and unified management of both the public cloud and on-premise infrastructure has brought security challenges that legacy security solutions simply cannot address. Consistent cloud-agnostic policy enforcement is just one issue that traditional security solutions face, especially since enforcing those policies is usually handled via multiple management consoles, built for (physical or virtual) environments. This causes serious overhead for IT teams in terms of timely applying policies across the entire infrastructure, and sometimes may even lead to blind spots or gaps.

Hyperconvergence means that controlling and balancing today’s distributed infrastructures should be handled seamlessly, from a unified management console, and allow IT admins to elastically scale resources up or down based on business needs. Security for those physical, virtualized and cloud environments needs the same highly elastic capabilities and robustness as the rest of the managed resources. Failure to support this means that security policy orchestration across the infrastructure will suffer, and may leave security gaps and blind spots that open the door to attackers.

The abstraction layer that enables an automated, agile and programmable SDDC infrastructure is all about automation. Faster provisioning of storage, compute and networking resources needs to be coupled with automated security scaling and automatically applied policies, or delivery speeds will slow down significantly.

Retaining control over these architectures requires a more responsive means of exploiting IT infrastructures and controlling the security posture of the organization. Security requirements for hyperconverged infrastructures should fall in line with the core benefits of software-defined data centers, focusing on performance and manageability.

Companies need to protect their infrastructure with professional solutions that cover all sorts of devices, implementations and operation models while not affecting the company’s ability to remain agile. Infrastructure complexity needs to be met with centralized and concise IT management solutions that allow for improved response times and for strategic planning in terms of security deployments and cloud-agnostic policies.

Properly deploying hyperconverged infrastructures may prove vital to the growth of digital business, but failure to deploy security solutions custom-built for these infrastructure requirements could mean impossible-to-handle security incidents or even complete business shutdown in case of a data breach. With complete visibility and manageability - in terms of security - across the entire infrastructure, companies can control and balance their entire security framework, enabling IT managers and admins to proactively focus on security strategies rather than reactively solve security problems. 

Share This Post On

Author: Liviu Arsene

Liviu Arsene is a Global Cybersecurity Researcher for Bitdefender, with a strong background in security and technology. Researching global trends and developments in cybersecurity, he focuses on advanced persistent threats and security incidents while assessing their impact in critical public and private business infrastructures. His passions revolve around innovative technologies and gadgets, focusing on their security applications and long-term strategic impact.