Securing Complex Hybrid Infrastructure, Don’t Forget the Basics
Seems like you rarely hear about firewalls these days. You remember – the 1990s cybersecurity technology developed when computer viruses were running rampant over that brand new network technology called “the internet.” Then, IT teams were able to integrate firewalls at the relatively few points where their local area network connected to the internet. It proved to be an effective and enduring tactic.
Fast-forward to 2021 and you find the cybersecurity strategy conversation dominated by the multitude of attack vectors created by remote work and edge applications, challenges presented by securing cloud applications, and the growing impact of ransomware.
A defense-in-depth posture needs to be as modern as the infrastructure and services it’s tasked with protecting, and it must evolve along with the threat landscape to face new potential exposures and attack avenues. But that doesn’t mean foundational cybersecurity best practices no longer matter. Instead, as digital businesses rethink their infrastructures, they must also rethink how data centers fit into their holistic approach to hybrid IT security.
Let’s not forget the good that comes with these new challenges. The explosion of mobility, integration and other useful capabilities available to users and our customers produces myriad directions for attack. It takes thought, overlap and delineation of responsibilities to ensure we can build that layered defense effectively.
Where Does Colocation Fit Into Your Overall Strategy?
Boundaries still exist, even in the cloud world, as do underlying physical requirements for cloud providers to build hybrid environments with stable environmental conditions, highly available power, and infrastructure security. Foundational controls for on-premises systems and colocation facilities provide a baseline for securing interconnection and business-specific governance requirements.
Enterprise IT teams deliver more value when they can concentrate on continually improving the services or processes that make the business unique and competitive: their core competencies. Given the relentless and sophisticated nature of cyberattacks, unless your core competencies include cutting-edge cybersecurity, you need experts to dovetail internal and external security measures.
Data center providers are one such resource. In addition to space, power and network access bridging on-premises IT resources with cloud services (and reaching to the elusive internet edge), the data center provider can leverage their position to monitor and maintain the network. Some data center providers offer access to an ecosystem of service partners with cybersecurity solutions specific to what’s required by your industry and business – additional layers of defense and expertise that can be integrated to protect across a hybrid IT deployment.
You also can divide the workload by engaging partners to focus on securing pieces of the overall puzzle based on their areas of expertise, responsibility and core competency. One example is data backups and ensuring that backups are accessible when needed. Data backups can be taken for granted, if not periodically brought to the forefront of planning, updating and testing. In the world of ransomware, backup and testing recovery procedures are fundamental and critical. Colocation in multiple locations is another way to build resiliency into operations while providing options for recovery through a diverse mix of on-prem, colo and cloud.
Another example is patch management, which crosses the hybrid model from applications to servers and embedded operating systems. Each stakeholder in a hybrid environment needs to focus on their part of this important cyber hygiene, and colocation providers are well-positioned to provide the care and feeding needed for the base infrastructure that some may overlook.
Hardware refresh is another area that tends to fall out of the modern conversation. Yet, it is another foundational activity needed to ensure reliability of facilities. Enterprise IT teams can rely on a colo to focus on those areas, as well as requisite networking and cybersecurity updates and maintenance.
What Should Colocation Providers Have In Place?
Both process controls and technical controls are rolled into colocation operational procedures. While the list below is not comprehensive, it provides a starting point for thinking about what capabilities a colocation provider needs to have in place.
- End-point protection/security – The practice of securing endpoints or entry points of end-user devices such as equipment, servers, desktops, laptops and mobile devices from being exploited by malicious actors and campaigns.
- Least privilege – Allowing the least amount of access is a principle of zero trust security and central to its ability to eliminate unauthorized access to data, services, devices, etc. and make control enforcement as granular as possible.
- Network segregation – Dividing a network into smaller parts, which are called subnetworks or network segments.
- Threat monitoring – Continuous monitoring across networks and/or endpoints for signs of security threats such as attempts at intrusions or data exfiltration, as well as staying up-to-date on industry trends, events and lessons learned through breaches.
- Access control – Rules defining who is authorized to enter certain areas of a facility and handle equipment that stores valuable data and applications.
Cybersecurity is complex and ever evolving. It relies on each of us putting focus on staying aligned with best practices, staying aware of trends and events and being good netizens who maintain diligence in our cyber hygiene. No one organization or layer can accomplish it all alone. It takes determined actions by all stakeholders, and building and maintaining trusted partnerships.