Robust data security in the virtual data centre is fundamental when weighing the offer of any managed cloud service provider.
On one level it’s an obvious point, but shining a spotlight on security is also revealing about a truth that’s hard to escape: managed services may vary a lot – and they do – but a serious provider must deliver on security.
Though it has more facets to it than ever, security today is increasingly presented as part of a single unified threat management platform. The integration of network, email and web security, plus endpoint, sandboxing and other security and oversight functions, makes for a protected end-to-end environment that marks a clear improvement on the more fragmented approaches of the past.
Even with this kind of integration to the fore, however, there is still a hefty list of security point products you’d expect to see being used and promoted by any serious managed cloud service provider for their chosen virtual data centre set-up.
Firewall and antispam - The latest firewalls use purpose-built processors and threat intelligence to maintain protection and high performance with both encrypted and unencrypted traffic, while also keeping a lid on spam. The complexity inherent in today’s firewalls is mitigated in part by automation, which bundles up activities and feeds back easily grasped insights into applications, users and the network.
Email remains at the heart of many business communications in 2019, so effective antispam still matters, too. The best antispam tools take a multi-layered approach to detecting and filtering spam, including dual-pass detection in many cases. Endpoint agents can also block spam messages on remote computers and mobile devices.
Web filtering - In this age of the internet, web filtering is the first line of defence against web-based attacks, blocking access to malicious, hacked or inappropriate websites. Malicious or hacked websites are often a source of attacks, triggering downloads of malware, spyware or risky content.
The best web filtering services are VBWeb-certified for security effectiveness and most give dashboard control for admins to tweak and optimise parameters.
Intrusion prevention - Intrusion prevention systems (IPS, for short) are sometimes part of a firewall set-up, but can be stand-alone as well.
IPSs work through a detection system backed up by a response capability to block attacks. Underneath the hood is a software application or tool that monitors a network or system for malicious activity or policy violations. Anything malicious or suspicious is usually reported either to an administrator or collected centrally using a security information and event management (SIEM) system. Such SIEM systems are notable for combining outputs from multiple sources and for smart filters that can distinguish malicious activity from false alarms.
An applications dashboard - Control of applications is crucial today for security and compliance. The best dashboards enable simple enforcement of acceptable use and give real-time visibility of what users are running. Most can also quickly create policies to allow, deny or restrict access to applications – or even entire categories of applications.
Besides the real-time capabilities, most will help companies examine application usage trends over time through views, visualisations and reports. It’s also a way of keeping malicious, risky and unwanted applications outside a network through control points at the perimeter, in the data centre, and even internally between network segments.
A security dashboard - Security teams – whether they work for the outsourcing company or for the service provider – have to manage ever more complex networks and growing numbers of system alerts. Navigating these challenges requires measurement and analytics of many processes. Dashboards can simplify the management view, give a network operations view and give a top-level security operations view, while also measuring and scoring security effectiveness and delivering capabilities like automation of repetitive actions.
These five headline elements we’ve picked out aren’t meant to be exhaustive. However, between them they do give you a taste of the security elements that a managed virtual data centre should have under control – and all under the watchful eye of an experienced service provider. Other things that you would expect to be in hand include patching protocols, network address translation and the judicious use of two-factor authentication.
Before we leave it, let’s also mention that the approach taken in relation to security by a service provider that’s managing a virtual data centre can be scrutinised in other ways, too.
Something to look out for, alongside doing your own detailed homework, is whether ISO security certifications are in place. ISO 27001, for example, is one information-security certification that’s widely adopted. It is technology-neutral and uses a risk-based approach. Alongside it, there are other related standards that examine the use of controls like information security policies, the organisation of information security, HR security, asset management, access control, cryptography, physical security, operations security, incident management and more.
What does it actually mean, in practice, to be ISO 27001 certified? To get the certification requires, in the broadest context, an approach to security that includes:
Down in the detail there is clearly lots more to examine, but it’s another more-than-useful measure that can demonstrate whether a service provider is taking things seriously and is worthy of your consideration.
Security is the backbone of any relationship with a service provider. Once you feel confident about it, you can move on and focus fully on the business advantages the relationship will deliver. Get in touch to speak to our experts and find out what the best approach is for your team and business.
Posted in Managed Cloud on Jan 29, 2019