As fresh attacks on multinational organizations make near daily headlines, it is apparent that the cybersecurity landscape is shifting and a new paradigm is necessary for the changing battlefield. Midsized businesses, lacking the same IT defenses as their larger counterparts, are left more vulnerable to these broad and increasingly complex breaches. Although still brand new, cloud-based software defined security (SDS) is emerging as a nimble yet agile weapon to combat malware and other attacks without risking organizations’ bottom line.
Rishi Bhargava, general manager and vice-president for the software defined data center at Intel Security Solutions, characterizes balancing top-line growth and data protection as one of the strongest challenges facing midsized or smaller companies today. He says, “From an uphill battle perspective, I think the highest level question all these organizations are facing is, how do you keep improving the security without having to invest more and more over the years?”
Recognized agile benefits of the cloud’s automation in saved man-hours paved the way for software defined networking (SDN) and software defined infrastructure (SDI). This led to the SDS layer as a solution within the software stack that could protect cloud-based capabilities and sensitive data without affecting organizations’ profitability model. “From a head landscape perspective, there are two options,” Bhargava says. “Either slow infrastructure movement to make sure security is provisioned in the old model or I push out the infrastructure unsecured. Those are two bad choices.”
SDS is currently designed for organizations supporting their own infrastructure and data centers. “Midsized businesses will most likely discover this brand new capability through their hosting provider or other remotely managed IT partner,” says Paul Teich, CTO and senior analyst at Moor Insights & Strategy, who recommends these organizations should partner with IT providers who understand the latest in private cloud technology. ”Hosters and service providers targeting the mid-market are really the IT organizations SDS is aimed at in the short-term…[and] require an IT staff and scale that is beyond most mid-market IT capabilities. It is customizable in terms of capabilities and functions, but deploying SDS has to be done in a very specific manner.”
Recognized agile benefits of the cloud’s automation in saved man-hours paved the way for software defined networking (SDN) and software defined infrastructure (SDI). This led to the SDS layer as a solution within the software stack that could protect cloud-based capabilities and sensitive data without affecting organizations’ profitability model.
Unlike static legacy solutions requiring additional man-hours with each update, SDS is adaptable to existing customer infrastructure and practices, easing adoption and reducing traditional integration burdens. While approaches such as access-based security are still vital to cybersecurity protection, these tools alone have proved insufficient in the rapidly changing landscape and, in order to remain in the same paradigm, would require resources beyond the capability of most midsized business to keep updated.
“Going back, a new application was deployed once in two to three years,” Bhargava says. “Your CRM system would not change for three to five years. Your entire website infrastructure would stay like that for two to three years, secured by setting up the security infrastructure and policies once and only changed when the application changed. In the new world, if you want to use cloud or a private cloud infrastructure, the real benefit SDI brings is you can be nimble. The same security principles apply but it gets provisioned fast, policy management distributed and it’s integrated into your application development lifecycle.”
The Intel Security Controller, currently in controlled beta with a targeted Q4 2014 general availability through the McAffee Virtual Network Security Platform, will be the first SDS on the market to harmonize multiple existing IT management applications onto a unified platform, with the automated security provisioning designed to be scalable across customer infrastructures already in place. “From a customer perspective, it still creates a very heterogeneous experience,” Bhargava says of current SDS solutions. “Each of these products are automated in their own way because then you still need to manage policies in different places. Point product integrations will not scale in this massive cloud world. From our perspective, multiple point products working in cohesion, in a single place, is absolutely must do in the new tech landscape.”
Bhargava believes effective future cybersecurity efforts will be connected and envisions the emergence of standard messaging protocols to enhance communication between point products as well as security intelligence data collected by and shared between individual organizations. “On the data center and cloud side, the key thing that will emerge is automate, automate, automate,” he says. “Make sure your security is not lagging behind your SDI.”
Teich sees communication, coupled with data utilization, playing a strong role in cybersecurity innovation development. “SDS is the start of moving security into a virtualized service that can be deployed both locally and in the cloud,” he says. “Having a cloud-based component means that SDS can use Big Data analytics to improve threat detection because pattern recognition will be much more sophisticated and those patterns can be shared across a wide range of SDS services.”
“A very important way to look at why midsized businesses should care for SDS,” Bhargava concludes, “is it gives them automation, ease of remediation and all the other benefits through the existing investments they have already made.”