EXPERT OPINION
Apply defence-in-depth protection across
server, gateway, network and endpoint.
Also consider investing in a blend of tools
at each layer in order to tackle the wide
variety of threats out there: there’s no
such thing as a silver bullet.
These tools could include intrusion
prevention (IPS), firewalls, white-listing,
behavioural analysis, custom sandboxing
and Machine Learning. Add multi-factor
authentication (MFA), VPNs and encryption
for data at rest to further mitigate risk.
Bharat Mistry, Principal Security
Strategist, Trend Micro
Then there’s cryptojacking. We found an
increase in mining malware detections
of 956% from 1H 2017 to the first six
months of 2018. Although this menace is
unlikely to cause a service outage, it will
eat up power and wear out your servers.
But more importantly, it creates a point
of presence in the organisation which the
same hackers could return to in the future,
perhaps bearing ransomware.
Most firms will want a data centre security
partner that can provide protection
across physical, virtual and hybrid cloud
environments, with security products
designed specifically with these different
platforms in mind. This will maximise
protection and compliance while
minimising any performance impacts.
On the front foot The most comprehensive approach
will cover everything from pre-run-
time container scanning to automated
protection for dynamic workloads. With
this set-up, firms can finally begin to
realise a best practice security-by-design
approach, supported by DevSecOps.
So what can IT security managers do in
response? The most effective strategy
is one based around risk management.
Do some risk modelling and understand
which parts of your data centre are ‘high
risk zones’ and which are lower risk.
Then apply technologies and processes
relative to this risk. Segregate these
zones so that if one is infected it will
limit the damage. Finally, it’s important to think about
security as a proactive, not reactive
endeavour. To that end, consider threat
hunting tools, or those which offer greater
insight into data centre traffic flows to
spot the early warning signs of suspicious
activity. Incident response plans should
be thoroughly tested and constantly
adapted. Above all, good cybersecurity is a
continuous process, not a destination. ◊
42
Issue 05
MOST FIRMS WILL
WANT A DATA
CENTRE SECURITY
PARTNER THAT
CAN PROVIDE
PROTECTION
ACROSS PHYSICAL,
VIRTUAL AND
HYBRID CLOUD
ENVIRONMENTS,
WITH SECURITY
PRODUCTS
DESIGNED
SPECIFICALLY WITH
THESE DIFFERENT
PLATFORMS
IN MIND.
www.intelligentdatacentres.com