In the Northern Hemisphere, most countries are experiencing a bountiful summer and hopefully along with it, some much needed downtime for overworked data center security teams. As an IT professional, you should use this downtime to reflect on ways to move data center security forward in keeping with new technology and workforce trends.
Habit 1: Embrace the need for real-time services and transactions
With the impact of Web 2.0, businesses and consumers alike have come to expect information and services to take place in real time. The challenge is for security teams to balance these multiple trends and needs without placing company assets at risk. In order to achieve this, businesses must choose technologies that can scale as network architectures become faster, flatter and much more automated. Additionally, data center solutions must be able to address both private and public cloud adoption, as well as the convergence between security and networking teams that is happening at many companies.
The answer will be in adopting template driven processes that map to team functions, and toolsets that are flexible. Look for those that allow policy to be abstracted from the network and applied across different topologies beyond the traditional enterprise perimeter. Enabling the network, server operations and security teams to work in tandem to provision services speedily will also be key.
Habit 2: Ensure your security solutions don't negatively impact performance
Does it ever seem like some data center teams treat security like the unwanted child? Historically, it's been because security has either eroded the performance and infrastructure efficiency gains, or required burdensome infrastructure retrofits.
However, despite this past sentiment, now is the time to evaluate the impact of your security toolsets on data center performance. In a recent Cisco-sponsored IDG Network World study, 73% of respondents did not feel confident that their current firewall and/or IPS technology could meet today's increased performance requirements. So with this in mind, there is a window of opportunity to adopt platforms that can help overcome this problem.
Select a platform that has been architected not only to ensure high throughput, but also maximize availability and ensure optimal traffic flows. Additionally, clustering and a pay as you go model will ensure that hardware investments are maximized.
Habit 3: Ensure protection is focused on what matters most — users and data
Security teams continue to be in denial over cloud and mobility trends. The reality is that key parts of the infrastructure are increasingly out of security's control. Therefore, it's important to ensure a contextual approach — focus on who, what, when and where, so that you can enable users to safely access data. Also, as threats continue to evolve, cloud-based threat data provides much needed supplemental information with which to make accurate security decisions. Many teams find that cloud threat data helps provide a level of confidence in moving to cloudbased infrastructure models where they may have a limited degree of visibility and control.
Evelyn de Souza is a data center and cloud security strategist for Cisco Systems. She can be reached on Twitter at @e_desouza.