• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Submissions
  • About Us
  • Contact Us
  • Aug 7, 2022
  • Startup
    • Creating a Plan
    • Funding a Startup
    • Franchise Center
    • Getting Your Office Ready
    • Making Your Business Official
    • Marketing Your New Business
    • Personal Readiness
  • Run & Grow
    • Customer Service
    • Human Resources
    • Innovation
    • Legal
    • Operations
    • Risk Management
  • Leadership
    • Best Practices
    • Communication
    • Green Initiatives
    • Open Culture
    • Strategic Planning
    • People Skills
  • Sales & Marketing
    • Advertising and Lead Generation
    • Marketing Innovations
    • Marketing Plans
    • Online Marketing
    • Relationships
    • Sales Activities
  • Finance
    • Budgeting and Personal Finance
    • Payments and Collections
    • Tax and Accounting
    • Pricing Strategy
    • Working with Investors
    • Working with Lenders
  • Tech
    • eCommerce
    • Hardware
    • Software
    • Security
    • Tech Reviews
    • Telecom
  • Shop

SmallBizClub

Helping You Succeed

Home / Technology / Security / For Today’s Data Centers, Reducing Attack Surface Means More Than Securing the Perimeter
For Today’s Data Centers, Reducing Attack Surface Means More Than Securing the Perimeter

For Today’s Data Centers, Reducing Attack Surface Means More Than Securing the Perimeter

1675 Views

Dec 19, 2018 By Debbie Fletcher

Cloud based network environments continue to make immense impacts throughout the IT industry. Cloud computing has effectively reached ubiquity in modern IT, and for good reason. Organizations that have implemented the technology immediately reap its benefits and recognize the profound improvements provided to their computing infrastructure. Companies that adopt cloud solutions, whether that be a public cloud configuration or hybrid structure utilizing both a localized datacenter and cloud services, are rewarded with significant cost savings, enhanced processing, and adaptable performance configurations. Unfortunately, these advantages do not come without their own drawbacks. Expanding datacenter architectures beyond on-premises hardware and into the cloud exponentially increases their attack surface increasing the probability of an unauthorized intrusion.

Traditional network security practices have focused on perimeter protection against outside attacks. The use of strong access controls, system hardening, application and network segmentation still serve as robust resources for IT security teams. Unfortunately, these methods are unable to provide adequate security for hybrid cloud environments since they do not help to minimize the attack surface, which is now much larger in cloud configurations.

Location is also a limitation to conventional security measures since the majority of methods are designed for in house or sole cloud operations conflicting with hybrid cloud models. The aforementioned security methods are also more prone to unauthorized lateral movements of an attack because of advanced application deployment practices becoming more dynamic and fluid creating additional pathways an intruder can access.

Due to these boundaries, IT professionals have leaned towards a more stringent security measure, micro-segmentation. This approach provides intricate visualization of the applications and traffic within the infrastructure coupled with process level policy limitations. Having this level of visibility and access restriction enables security teams to not only reduce attack surfaces within their hybrid cloud structure, but also monitor traffic at workload levels and can adapt their solutions based on their network architecture.

Creating a baseline with micro-segmentation

One of the primary steps of micro-segmentation implementation is a complete analysis of an organization’s computing infrastructure and gain full understanding of all day to day operations and factor in future growth. Equipped with a baseline foundation of daily process flows and data interactions, network specialists can visually monitor each application, system, and network and immediately identify unauthorized activity. Additionally, this helps to detect areas within the network that may need supplemental security measures enacted to minimize threats and limit access to shrink attack surface area.

Limiting the east-west movement of attacks

A main benefit of hybrid cloud infrastructure is how seamlessly localized and cloud applications, along with their, data can interact with each other. Customer-facing processes can be assigned to cloud services while internal operations can be executed on in-house compute and storage resources. Having all of this variety and flexibility within a network infrastructure is invaluable to a company, but doesn’t come without drawbacks. In the event an attack occurs, if left undetected, an intruder can infiltrate a less secure area of the infrastructure but make lateral movements over time.

Also known as east-west traffic, the attack can eventually exploit trusted access points from its entry location and gain access to more secure areas of the network. After the corruption has taken place, attackers will continue to search for additional levels of access based on the security profile gained during the hack looking for sensitive areas and information causing more damage than expected.

With an advanced micro-segmentation solution implemented, applications are segmented from each other, are segregated within user specified access levels, and have defined security boundaries to comply with industry regulation requirements. Given this level of policy enforcement, along with Layer 4 and Layer 7 process-level control, allows security teams to immediately minimize and restrict the lateral or east-west movement of an attacker, thus creating a drastic reduction of the attack surface.

The adaptability of micro-segmentation

Micro-segmentation solutions are also adaptable to protect network environments utilizing multiple operating systems, varying platforms, and heterogeneous hardware configurations. Conventional security methods are often restricted to operate within specific systems and are unable to crossover to diverse hardware and software configurations. This flexibility makes it an ideal option for IT specialists to adopt within their applications to allow for future changes or growth to their network architecture.

Micro-segmentation enables effective isolation and mitigation of threats

With the next enterprise level data breach around the corner, it seems only inevitable that an attack will occur. As datacenters evolve and adopt cloud solutions within their infrastructure, employing a dynamic and advanced micro-segmentation system safeguards the network architecture of an organization on many levels.  Whether a full or hybrid cloud approach is in place, it’s clear that longstanding security practices, while still relevant, are not as robust or equipped to provide the level of protection needed today. While implementing a robust network security perimeter should not be overlooked, micro-segmentation is a proven security practice to quickly identify, isolate, and quarantine a threat to lessen the damage incurred and drastically reduce the attack.

Filed Under: Security Tagged With: Data, Security

Debbie Fletcher

Debbie Fletcher

Debbie Fletcher is an enthusiastic, experienced writer who has written for a range of different magazines and news publications over the years. Graduating from City University London specializing in English Literature, Debbie's passion for writing has since grown. She loves anything and everything technology, and exploring different cultures across the world. She's currently looking towards starting her Masters in Comparative Literature in the next few years.

Related Posts

  • Improving Data Integrity at Your Small Business
  • 5 Reasons It’s a Great Time to Invest in EDI Software
  • tis-the-season-for-online-scamsSmall Businesses at Higher Risk of Being Scammed than Large Companies

Primary Sidebar

Random

6 Best Practices to Optimize Your Google Business Profile

Aug 5, 2022 By SmallBizClub

You Can and Should Skip Entry-level Jobs

Aug 5, 2022 By Ryan Kidman

8 Factors That Influence The Price of an Aerial Platform

Aug 4, 2022 By SmallBizClub

Are You Making These Costly Shipping Mistakes?

Aug 4, 2022 By SmallBizClub

Supply Chain Management: An Important Aspect Of Customer Service

Aug 4, 2022 By SmallBizClub

Footer

About Us

Small Biz Club is the premier destination for small business owners and entrepreneurs. To succeed in business, you have to constantly learn about new things, evaluate what you’re doing, and look for ways to improve—that’s what we’re here to help you do.

  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Copyright © 2022 by Tarkenton Institute, Inc. All Rights Reserved | Terms | Privacy