Home Security Hybrid cloud shouldn't mean two security systems

If you're using or planning to use cloud computing — and who isn't? — it may be better to build your security with cloud in mind, making adjustments where necessary for on-premises systems.

Despite all the talk of "cloud first" IT, the number of legacy systems means "hybrid cloud security is very much the reality," according to Trend Micro vice-president of cloud security Mark Nunnikhoven.

Having two separate security systems is problematic, not least because it can mean double the cost, he told iTWire.

Trend Micro has invested heavily to make sure that its Deep Security and related products work in various clouds as well as on premises, Nunnikhoven said. The "lift and shift" approach to moving traditional security products into the cloud doesn't work as well, largely because of the scale and speed of cloud environments.

Putting security controls onto the servers is more effective than relying on perimeter defences – you can quickly and easily spin up 1000 virtual servers each with their own security layer, but scaling perimeter security separately is more challenging.

Cloud service providers recommend this approach, he said, because eliminating an entire layer improves efficiency, and it allows an organisation to be more dynamic and flexible.

Around three years ago, Trend Micro was one of a small number of vendors taking this approach, and the idea has taken time to spread, partly because it runs counter to security traditions and in some cases to regulatory regimes, Nunnikhoven observed. Yet perimeter defences need to know everything that might happen, while the attitude at the server level can be that everything is treated as bad unless it is known to be acceptable, which is easier to achieve.

And even though there may be a huge number of servers, there's no need to manage their security individually. A better way is to set group policies in much the same way that users are managed.

A baseline level of security is applied to all servers, then all the servers in a group get the same appropriate variations. "That way, you don't care how many servers there are," said Nunnikhoven.

LEARN NBN TRICKS AND TRAPS WITH FREE NBN SURVIVAL GUIDE

Did you know: Key business communication services may not work on the NBN?

Would your office survive without a phone, fax or email?

Avoid disruption and despair for your business.

Learn the NBN tricks and traps with your FREE 10-page NBN Business Survival Guide

The NBN Business Survival Guide answers your key questions:

· When can I get NBN?
· Will my business phones work?
· Will fax & EFTPOS be affected?
· How much will NBN cost?
· When should I start preparing?

DOWNLOAD NOW!

Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

 

 

 

 

Connect

Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities