Most businesses operate on cloud-based and on-premises servers. This hybrid environment allows for easy access to important data but often creates complexity in properly managing and securing your assets. Now consider IoT devices on your network, and this hybrid environment becomes nearly impossible to maintain.
Scott Crawford, Research Director at 451 Research, and David Meltzer, Chief Technology Officer at Tripwire, discuss how to simplify modern network complexities with essential security controls.
3. Momentum favors the cloud
“How would you generally categorize your organization’s information security view of hosted cloud computing solutions (Hosted Private Cloud, IaaS, or PaaS) in terms of your organization’s tolerance for information security risk?”
Source: 451 Research Quarterly Advisory Report: Budgets and Outlook – Information Security 2016
4. But legacy / on-premises investments aren’t going anywhere soon
“Approximately how is your organization’s total information security spending on vendor-based security tools currently distributed across the following locations?”
Source: 451 Research Quarterly Advisory Report: Budgets and Outlook – Information Security 2016
5. Why maintain the investment?
• Realizing its full value
• Dependencies
• Maturity
  • Of the technology
  • Of operations & expertise
• The cloud is different…
• Regulatory requirements
• Ownership & control
9. Hint: What are common objectives?
• Consistency of control, across both legacy and “new IT”
• Assurance of enterprise responsibilities
• Demonstrations of adherence to enterprise requirements
“Rate the importance of each of the following in addressing organizational concerns around security and compliance with hosted cloud solutions:”
Security/Compliance Concern | Score
Encryption | 4.33
Identity Management/Authorization/Access Control Tools | 4.26
Assumption of Liability for Security Breaches or Outages | 4.23
Explicit Contractual Responsibilities for Security Between the Cloud Provider and Customer | 4.17
Explicit SLAs | 4.12
Data Leakage Prevention (DLP) | 4.00
Providing Regular Results of Security Audits from Known Security Testing Companies | 3.99
Proven Compliance with Industry Standards | 3.92
Auditability | 3.91
Source: 451 Research Quarterly Advisory Report: Budgets and Outlook – Information Security 2016
10. Finding common ground
• Consistent application of policy
  • Essential for assuring enterprise compliance obligations, no matter where
• Consistent execution of tasks
  • Completeness of coverage across hybrid environments
• Consistent data gathering
  • For determining priorities for the entire investment
11. But one size does not fit all
From recent interviews with enterprise practitioners:
“Most things that we've encountered require a different approach for the cloud-based solutions, than they do for the on-premises solutions. And they almost always run into, ‘Oh, yes. But I can't support that’ …
“[For example], ‘we have the best […] security management tool in the industry,’ ‘Do you support SAP HANA?,’ ‘What's SAP HANA?’…
“Or, ‘We support Amazon Web Services for cloud-based packet inspection.’ ‘Does the same system work with my on-premises solution, and put it in the same console?’ ‘Oh no, you have to have two separate accounts.’ Those are the kinds of conversations that I have all the time…”
-Mid-level management, $1-5bn retailer
Source: 451 Research Information Security Narratives: Budgets and Outlook 2016
12. Implementations can be very different
Example: Asset inventory
Legacy/on-premises infrastructure
• Accuracy/depth/breadth of asset discovery
  • Across a variety of physical assets (hosts, networks, applications)
• Balance of speed and accuracy
• Policy constraints
• Tools often purpose-built
Cloud techniques
• API-based - ASK the cloud for whatever you want to know
  • ec2-describe-images --filter "tag-value=prod"
  • DescribeInstances
  • DescribeVpnGateways
  • DescribeFlowLogs
• Tools must be able to interact with APIs, automation at scale
How well do your preferred tools adapt?
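As an added illustration of the asset-inventory slide (not code from the presentation), the sketch below flattens a DescribeInstances-shaped response and an on-premises discovery export into one record format and applies the same checks to both. All sample data, the CSV column names, the `env` tag and the monitored-asset list are constructed assumptions.

```python
import csv, io, json

# Constructed sample shaped like an EC2 DescribeInstances response (not real data).
CLOUD_JSON = """{"Reservations": [{"Instances": [
  {"InstanceId": "i-0aaa", "PrivateIpAddress": "10.0.1.5",
   "State": {"Name": "running"}, "Tags": [{"Key": "env", "Value": "prod"}]},
  {"InstanceId": "i-0bbb", "PrivateIpAddress": "10.0.1.9",
   "State": {"Name": "running"}},
  {"InstanceId": "i-0ccc", "State": {"Name": "terminated"}}]}]}"""

# Constructed on-premises discovery export; the column names are hypothetical.
ONPREM_CSV = """hostname,ip,env
db01,192.168.10.4,prod
hmi-7,192.168.20.15,
"""

# Constructed set of asset IDs a (hypothetical) monitoring console reports on.
MONITORED = {"i-0aaa", "db01"}

def from_cloud(doc):
    """Flatten Reservations -> Instances into common records, skipping terminated."""
    for res in doc.get("Reservations", []):
        for inst in res.get("Instances", []):
            if inst.get("State", {}).get("Name") == "terminated":
                continue
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            yield {"id": inst["InstanceId"], "ip": inst.get("PrivateIpAddress"),
                   "env": tags.get("env"), "source": "cloud"}

def from_onprem(text):
    """Map discovery-export rows onto the same record shape as cloud assets."""
    for row in csv.DictReader(io.StringIO(text)):
        yield {"id": row["hostname"], "ip": row["ip"] or None,
               "env": row["env"] or None, "source": "onprem"}

def inventory():
    return list(from_cloud(json.loads(CLOUD_JSON))) + list(from_onprem(ONPREM_CSV))

def findings(assets, monitored):
    """Apply the same two checks to every asset, wherever it runs."""
    out = []
    for a in assets:
        if a["env"] is None:
            out.append((a["id"], a["source"], "missing env tag"))
        if a["id"] not in monitored:
            out.append((a["id"], a["source"], "not monitored"))
    return out

if __name__ == "__main__":
    for f in findings(inventory(), MONITORED):
        print(*f, sep="\t")
```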
16. If you think hybrid IT is diverse today…
[Figure: Centralized, Distributed, IoT]
17. “Data centers on wheels”
• Up to 100 ECUs in some vehicles¹
…or with arms
…or wings
…or legs
¹ https://techcrunch.com/2016/08/25/the-biggest-threat-facing-connected-autonomous-vehicles-is-cybersecurity/
18. Not just “smart” endpoints
• Sophisticated compute near the edge
• Data volume, thin pipes, latency
• Real-time action & response
• Functionality offload for constrained endpoints