Trend Micro will be at Gartner’s Data Center Conference 2013 in Las Vegas all this week talking about our vision around the future of securing the data center. As you know from living and breathing your job every day, data centers are evolving at a rapid pace, with organizations embracing server virtualization and the cloud as an extension of the data center. Of course, these changes are bringing IT challenges as well as huge opportunities. But with the right approach to securing these new environments, both the security and operations teams can work together to achieve their goals. The opportunity this represents is simple but hugely important: take charge of this new environment, and you can achieve better security than was possible in the past – more auditable, easier to manage and with huge operational advantages over static security architectures.
The way a data center looks is very different even today
There’s no doubt that homogenous server environments are by and large a thing of the past. According to Gartner, a staggering 71% of server workloads will be virtualized by 2016 as organizations look to tap those much-touted benefits of cost reduction, greater business efficiency, and improved agility. Customers are also clearing voting with deployments on the cloud, with organizations like Amazon Web Services (AWS) and others showing huge growth. The challenge is that traditional tools can’t simply be re-deployed into virtual or cloud environments and be expected to work. The next generation data center will require a new approach to security… let’s take a look at some additional dynamics around security.
Hackers mean business
Trend Micro has been monitoring the cyber underground for a quarter of a century now and built up what we think is a pretty accurate profile of the enemy. People who want into your data center are highly motivated, well resourced, organized and disparate. In short, cyber crime has gone professional.
Cyber crime has fundamentally become a commercial enterprise. Mimicking the world of legitimate commerce, the information, tools and resources needed to launch attack campaigns can all be bought and sold on the cyber underground. All you need is enough money and to know where to look.
Just like commercial enterprise, success has driven cyber criminals to become focused and dedicated. Just like the outliers of Malcolm Gladwell’s 2008 bestseller, they are achieving success through 10,000 hours of work. Every aspect of an attack is measured, analyzed and optimized for maximum ROI.
Where do we go from here?
So we’re faced with multiple challenges as we move to virtual and cloud environments. Operations and security need to work together more to achieve the goals of the business. Hackers are continually attempting to steal your data and wanting to disrupt the data center. So how do we respond?
By taking charge with security which looks at the next generation data center in the same way that legacy security secured the data center of the past. Security needs to work seamlessly across physical, cloud and virtual environments – at the same time; in the same interface; with the same controls. There are opportunities in the next generation data center for easier management, improved ability to audit, and to actually achieve better protection for sensitive data and applications. Interestingly, security in the next generation data center fits better – including improved boot times, CPU savings, scalability and consistent performance – that will have security and ops finally singing from the same hymn sheet.
Look out for part two where we’ll explain how a virtual-aware approach to securing the data center could reap rewards for both IT security and operations.