The ‘gig economy’ comes to your data center security – on-demand, obviously!

The current status quo is broken. We can no longer be reactionary – we must be revolutionary.

network security hacker virus crime
Thinkstock

If you’ve been living under a rock, you can be forgiven for your lack of awareness of the “gig economy.”

Put simply, it’s freelancing, consulting, contracting, temporary – call it any one of the above – but essentially it is the largest growing segment of the U.S. economy from 2005-2015, and expected to grow even more significantly going forward.

Why is this? Because it engages workers when they are needed, for a specialty they excel in and can be scaled up and down quickly on demand. Think Uber, Fiverr, etc.

But what has this got to do with the data center of today?

Over the past decade, there has been a massive transformation in the enterprise data center going by the acronym of SDDC (Software Defined Data Center). It is essentially a software control layer that dictates how the network and application services – all virtualized – are programmed dynamically resulting in an agile and flexible data center.

The key here is “virtualization,” which takes advantage of commoditized hardware with all the switching, networking and application services as virtual functions.

But virtualization is still “heavy.” It encompasses the entire operating system and therefore that gave way to the innovation called “micro-services” or “containers” – lightweight on-demand sub-functions that can be spun up or down easily. Think gig economy workers – specialized, temporary and scalable!

But wait, there’s more.

Let’s first shift focus to homeowners. Wouldn’t it be great if I can instantiate a security system for my home, or upgrade from basic to premium home monitoring, the moment there’s an imminent threat of burglary that is detected? A parked van with a suspicious character and no license plates, or a drone hovering above during the weekday hours darting in and out of every backyard taking snaps.

Or imagine if I can get rid of the obscene annual home warranty forever, in favor of a just-in-time gig plumber summoned automatically to plug the potential leak when the water pressure drops…and before the cataclysmic flooding happens.

That’s the cognitive data center security solution I envision for the future. Why? Simple – today’s “amassed over the years multi-vendor security solution” does not work. This was blindingly clear at the Structure Security conference in SFO in the fall of 2017, where an unnamed vendor went on stage and asked the distinguished audience of CISO’s, security practitioners and other vendors the following questions:

  1. Do you feel that you have way too many security vendors – either in production or being considered – offering niche solutions that do not address the constantly evolving security challenges you are facing today? Most of the hands went up.
  2. Do you feel that despite so many security vendors in your data center, your overall security posture has not dramatically improved? Most of the hands went up.
  3. If there was a non-intrusive way of detecting which vendors are actually doing jack-shit so you can turn them off completely, which vendors have been poorly (or mis) configured so you can go back with recommendations to fix that would that be of value to you? Most of the hands went up.
  4. And would that then open up your time (priority 1) and budget (priority 2) to actually evaluate some innovative security solutions? All hands went up.

And in the hallway conversations that followed, it was apparent that this really hit a nerve. What does this tell us? Too many vendors with very little efficacy, yet the fear of the unknown prevents CISOs and SecOps people from pulling the plug and starting anew. Resoundingly a desperate need to clear out the deadwood in a non-intrusive way to make way for some real innovation.

So, taking this logic forward, and taking a clean slate architecture, let’s go back to my just-in-time home security analogy.

I literally have no security to speak of most of the time, except the basic padlock. But when a threat is detected, I can summon a gig security guard, set up a perimeter defense complete with an on-demand video camera, sensors and an auto-connect 911 system in a matter of seconds.

This is the cognitive, on-demand data center security that we need. Not a big honking firewall at the DMZ, a malware sandboxing sandpit, tons of “host-based agents,” a poorly configured and expensive SIEM SOC and hundreds of consoles each claiming to be the master console that can subjugate the others to servitude.

No. I envision a gig security solution. One where the gig actors can be summoned on-demand based on the current threat environment, scale as needed, retire on a whim and bring in new gig actors as the threat shifts.

Yes, micro-services could fit the bill. So could FaaSS (Function as a Security Service).

Some might call this reactive. I call this revolutionary.

Why? Because the current status quo is broken. And if we can take early indicators of a new threat vector – monitoring and evaluating against a constantly changing baseline with AI (here I cave in and must use that word) and unsupervised learning – like the intruder drone or the water pressure drop in the home analogy, to instantiate the appropriate real-time threat measures…well, that is not reactive, it is revolutionary. Or gig-revolutionary.

This article is published as part of the IDG Contributor Network. Want to Join?

NEW! Download the Fall 2018 issue of Security Smart