Live From GalaxZ 16: Complexity Is The Enemy Of Security

The Zenoss annual user conference, GalaxZ 16, is on day three! It’s a very exciting time to for us to listen and work with our customers and partners. By working together, Zenoss, our customers and our partners are able to collaborate and develop solutions that enable their businesses to succeed in today’s ever changing IT environment. This message was made even more apparent by one of our keynote speakers, Brian Kelly, Chief Security Officer at Rackspace.
Rackspace logo

I can hear you now, what does Security have to do with “unified monitoring”? Well, if you follow Zenoss, then you likely know that Zenoss cares a great deal about the success of our customers.  Our customers need to innovate fast to keep up with business demands. Often, this means they need new services provisioned in real time, not days or weeks from now.  Increasingly they are turning to cloud solutions from AWS, Azure or Rackspace. Unfortunately, they often meet resistance in doing so. Why, you ask? Brian listed the key hurdles many enterprise faces in moving to the cloud:
1. Lack of expertise

2. Security

3. Compliance

4. Multiple Providers

5. Costs

6. Complexity

7. Governance

8. Control Performance

However, Brian is an optimist and sees security as an enabler. He likens it to the dawn of the automotive industry when cars were slow and brakes hadn’t been invented for them.  The introduction of brakes,  as well as many other subsequent safety items, enabled automakers to build faster and faster vehicles.

Similarly, he sees security enabling companies of all sizes to move to the cloud. However, how we manage security and provide governance and control over the services needs to change. Today, we create complexity in our security solutions with physical devices, depth, layering, and integration within the operating system.  Those solutions won’t work for cloud where the perimeter has been moved away from the enterprise. A new model needs to be implemented that ties security directly to the workload. He suggested a software defined perimeter model, where controls are implemented based on users profiles and policies. So, what would that look like?
•  Containerization: This provides workload elasticity and another layer of control transparent to the user.

•  Streamline and simplify security: Not for the purpose of reducing controls, but rather to surgically place them. In fact there may be even more             controls, but they will be better defined for the service and the user. This will allow for better and lest costly audits.

•  Move data to decisions: Allowing you to understand your data flows and secure them.

•  Pursue active defense: Aggressively seek out data evidence, data compromise and attacks, and develop counter measures.
•  Bake security in from the start: Having security build into silicon reduces complexity.

•  Collaborate (I.E. Move from vendor to partner): Partners build a trusted relationship. Work together as a team to solve problems and move            forward.

Moving to the cloud is a tough decision for many and trust needs to be established.

Zenoss thrives on our customers’ success and we work diligently to build trusted relationships.  We can work together in solving these issues.  Once user and service security policies are defined, monitoring can be defined for those policies, and then security events can be driven into Zenoss to alert the appropriate team of threats.

 

Please provide your email address below to subscribe and enjoy reading updates right from your inbox!