Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Friday, 22 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

What the software defined data centre means for IT security

by The Gurus
February 25, 2015
in Opinions & Analysis
Share on FacebookShare on Twitter

It’s no secret that the data centre industry is evolving rapidly. Large scale, inflexible and expensive physical hosting solutions are no longer common thanks to virtualisation and we’ve all bought into cloud – so today’s forward thinkers are now looking to the Software Defined Data Centre (SDDC) to further transform the way they utilise data resources.
This change presents its own interesting challenges for security and SDDC, users need to be aware of the virtues, challenges and pitfalls of this emerging technology.
Security is about protection and defense, but it is also about assurance – giving your customers (both internal and external) the confidence that their data and systems are safe. To deliver either requires a thorough understanding of the technology – and in the case of the SDDC, the market is currently confused.
Disagreement about its definition is widespread. A recent survey by Adapt has revealed that although three out of five respondents (61%) claimed to be familiar with the SDDC concept, the majority were unable to explain its principal benefits: 13 per cent thought it was all about performance, 20 per cent said centralised management and 17 per cent admitted they were unaware of its benefits.
If professionals are struggling to understand the SDDC, what hope do they have of managing it securely? The SDDC is really about controlling storage, security, networking and compute from within software. Put simply, it’s is a way of making the most economic use of traditional data centre resources.
A software layer controls and manages infrastructure consumption, process and operation down to component level without human intervention. This enables applications to move seamlessly between environments, in and out of the cloud, from low to high performance without having to touch a single piece of hardware. It is this flexibility that will really make the SDDC the data centre of the future.
So, what does this mean for security? Our prediction is a more holistic approach with higher technical automation. As ‘software-defined’ gathers momentum, new methods for managing and enforcing security policies will emerge with it. The security admininistrator will need to define policies which allow the benefits of the SDDC to be realised while ensuring flexibility keeps within the bounds of security requirements. Removing the human element is only beneficial if the rules and policies defined are solid AND the right level of audit and review is in place.
We can expect to see a continued blend of hardware and software-based security, but a decreasing reliance on security hardware as access controls travel up the stack. The move towards this type of security is also about enabling devices and solutions to be driven by software.
As a day-to-day example, instead of making changes to specific firewall rules to enable a new web server to be visible, the process of requesting a new web server will intrinsically cover the application, operating system, virtual server, storage, data protection and security changes in a single business operation.
There’s no doubt the SDDC is the next big thing in IT. It is certainly due to replace “cloud” as the industry’s favourite buzzword. However, it is clear from Adapt’s research that the IT industry is still confused about the concept. We also see that security standards have not really catered for the concept of SDDC and this is not likely to change any time soon, given that ISO 27001 and PCI DSS v3.0 have only recently been revised.
However, security professionals, whilst dealing with the threat landscape that currently exists, really need to get to grips with the concept of the SDDC so they are prepared to manage future business requirements.
Service providers play a key role in supporting the education required, as only when SDDC is fully understood will security professionals be able to leverage its capabilities to support threat mitigation activity, reduce overall risk profile and deliver increased value to the business. Ultimately, the SDDC has the potential to make security more intrinsic and integrated within the IT estate, but there will still be a need for strong governance, control, testing and human accountability.
This feels like familiar ground – and it is certainly not without precedent. The perceived risk and security fears that initially held back cloud adoption, despite its long list of benefits, are equally applicable to the SDDC – it is the role and duty of service providers to erode skepticism with education and demonstrable results to achieve a wider market understanding and acceptance.
 
Kevin Linsell_Headshot_ August 2014_1 jpg
Kevin Linsell is head of service development at Adapt

FacebookTweetLinkedIn
Tags: Data CentreSoftware
ShareTweet
Previous Post

Time to detect breaches improves, but only a third self-detect

Next Post

Gemalto confirms NSA and GCHQ infiltration, but no major theft of SIM keys

Recent News

WatchGuard

WatchGuard acquires CyGlass for AI-powered network anomaly detection

September 21, 2023
'open' sign on window ledge

SME Cyber Security – Time for a New Approach?

September 21, 2023
Keeper Security Logo

Keeper Security Named a Market Leader in Privileged Access Management (PAM) by Enterprise Management Associates

September 21, 2023
Synopsys leader in AppSec

Synopsys Recognised as a Leader in Static Application Security Testing by Independent Research Firm

September 20, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information