Home Security Hybrid cloud shouldn't mean two security systems

Hybrid cloud shouldn't mean two security systems

If you're using or planning to use cloud computing — and who isn't? — it may be better to build your security with cloud in mind, making adjustments where necessary for on-premises systems.

Despite all the talk of "cloud first" IT, the number of legacy systems means "hybrid cloud security is very much the reality," according to Trend Micro vice-president of cloud security Mark Nunnikhoven.

Having two separate security systems is problematic, not least because it can mean double the cost, he told iTWire.

Trend Micro has invested heavily to make sure that its Deep Security and related products work in various clouds as well as on premises, Nunnikhoven said. The "lift and shift" approach to moving traditional security products into the cloud doesn't work as well, largely because of the scale and speed of cloud environments.

Putting security controls onto the servers is more effective than relying on perimeter defences – you can quickly and easily spin up 1000 virtual servers each with their own security layer, but scaling perimeter security separately is more challenging.

Cloud service providers recommend this approach, he said, because eliminating an entire layer improves efficiency, and it allows an organisation to be more dynamic and flexible.

Around three years ago, Trend Micro was one of a small number of vendors taking this approach, and the idea has taken time to spread, partly because it runs counter to security traditions and in some cases to regulatory regimes, Nunnikhoven observed. Yet perimeter defences need to know everything that might happen, while the attitude at the server level can be that everything is treated as bad unless it is known to be acceptable, which is easier to achieve.

And even though there may be a huge number of servers, there's no need to manage their security individually. A better way is to set group policies in much the same way that users are managed.

A baseline level of security is applied to all servers, then all the servers in a group get the same appropriate variations. "That way, you don't care how many servers there are," said Nunnikhoven.


Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.