Here’s how security vendors like Trend Micro have adapted their solutions to protect customers in hybrid cloud environments.
An organisation’s IT infrastructure has expanded beyond the corporate firewall and perimeter. It is on the cloud and on mobile devices. Servers have become virtualised. There are thousands of IoT devices joining the network. Users work from anywhere and with their own devices. Applications reside on premise, in the cloud or on user devices. In a hybrid environment of this kind, it becomes difficult to have a centralised view of security. The old way of doing security is no longer adequate since the threat landscape has changed.
Nilesh Jain, Country Manager- (India and SAARC), Trend Micro said traditional security solutions like IPS and firewall are no longer that effective. He believes organisations need to redefine their IT security policies and put new security procedures in place.
“The security procedures should provide for governance in the cloud, since the applications are now in the cloud. Users will not go back to the IT team and ask for permission to use resources (like Office 365) on the cloud or on their mobile devices. We are no longer in the denial mode with a big list of don’ts. It is now a bigger list of do’s.”
With IT infrastructure getting more dispersed, organisations need to ensure visibility of security, no matter where the IT assets are located. It was easy to do this earlier, when the IT infrastructure was behind a firewall.
“Earlier, you had good visibility of the perimeter and into how data was flowing in or out of the organisation. But now things are different and the approach to security needs to change, said Jain.
The new generation of security tools are designed to handle hybrid environments. These security tools can integrate with clouds applications that are commonly used by enterprises. These tools are centralised and can give you a complete 360 overview of the security status of your IT infrastructure, whether it is on premise, on cloud or on mobile.
“You can’t outsource security. Security is owned by the organisation,” said Jain.
Security vendors have adapted their solutions for hybrid environments with new technology and partnerships with cloud service providers.
“Around four years ago, we at Trend Micro saw our customers moving to the cloud, so we collaborated with Amazon, and later with Microsoft, to secure their infrastructure on AWS and Azure cloud environments,” said Jain.
The challenge for security vendors like Trend Micro is hybrid environments. As more organisations adopt hybrid cloud infrastructure the big challenge is really synchronisation and common visibility for security, informs Jain.
“Our Deep Security solution can protect customers on physical and virtual servers. Protection is available on AWS and on Azure environments. It offers centralised visibility and centralised policy management,” he said.
Customers do not want multiple security products to secure their hybrid infrastructure. This is another challenge that security vendors need to address.