Data center security has been a perennial challenge for the enterprise since the first mainframes emerged in the 1960s. But now that the economy itself is starting to function as a set of digital services, the need to implement robust security is paramount.
According to VMware’s latest State of Security report card, top enterprise decision-makers have finally recognized that security is not just an IT concern but a business concern, with more than two-thirds saying they are spending more on security than in the past. This, of course, comes on the heels of several high-profile breaches in the e-commerce space that tarnished the reputations of some of the world’s best-known retailers.
But as VMware notes, identifying a problem is one thing; addressing it is quite another. More than half of enterprises rate their security practices at a C or worse, even though 80 percent have experienced a cybersecurity event in the past year. This is even more serious given that, according to the 2015 U.S. State of Cybercrime Survey, the average number of incidents per company rose 21 percent over the year before to 163.
The biggest hurdles in establishing the correct security posture are, as always, time and money. Half of organizations surveyed spend less than 10 percent of their overall IT budgets on security, with 86 percent spending less than a quarter. And close to three-quarters of respondents devote less than 25 percent of their man-hours to security. As well, more than half of respondents fold security into normal IT operations rather than rely on a dedicated security team using in-house or third-party resources.
To correct this situation, the next-generation data center requires next-generation security. And for that, the enterprise needs to look at three critical areas:
An always-on mobile workforce needs constant uptime and security. This means an end to simple access approval or denial and the implementation of intelligent, application- or even operation-centric control capable of protecting assets hosted anywhere and accessed from any platform.
BYOD is a fact of life at most enterprises these days, so the enterprise must implement a clearly defined and vigorously enforced acceptable use policy. This can best be implemented through a combination of mobile device management (MDM) software, industry-standard X.509 digital certificates and on-demand virtual private networks.
Detection and prevention
The “fortress enterprise” approach to security is quickly giving way to solutions that rapidly identify and mitigate threats. Intrusion detection systems (IDS) and intrusion prevention systems (IPS) work together to disable compromised network ports, isolate suspicious traffic and identify sources.
Ultimately, of course, security is a never-ending battle, so the enterprise should adapt itself to continuous monitoring, continuous upgrades and the realization that the most effective posture is to protect against not only the threats of today, but those of tomorrow, as well.
Need help getting there? Contact us.
For more security content, read our article on “Traditional Antivirus: Problem or Solution?”
Director of Professional Services
Key Information Systems, Inc.