Tom Gillis speaks at the CDW Executive SummIT: Delivering Better Outcomes Through IT.

Jun 22 2022

CDW Executive SummIT: Cloud Security Is Crucial to Every Business Outcome

No matter what goal your organization is trying to achieve, security elements should be built in from the beginning.

IT leaders across industry segments are normally pursuing one of a few common business outcomes. Whether the objective is to accelerate innovation, reduce cost, mitigate risk or improve the customer experience, security should be a vital element underpinning any IT decision.

Security was a recurring theme at the CDW Executive SummIT: Delivering Better Outcomes Through IT. Multiple sessions — including presentations by experts from Zscaler, Palo Alto Networks, Rubrik and VMware — focused on the imperative of keeping security top of mind, especially in a work environment that involves highly distributed employees and endpoints.

The ongoing move to the cloud requires organizations to account for new attack vectors and an expanding threat landscape. According to Tom Gillis, senior vice president and general manager of the network and advanced security business group at VMware, “This is a really, really interesting time in the industry because every enterprise is going on their journeys to cloud. And the cloud is not just where stuff runs, it's how things run.”

“And as we go on that journey, there is an opportunity to think differently about security,” Gillis said. “We cannot simply take traditional firewall mentality and traditional firewall toolsets and transpose them into the cloud offering.”

Flipping the Script on Security in the Cloud

Gillis said that many security strategists currently address cloud security by developing different approaches for private versus public clouds. His advice, however, is that they should worry instead about the different security needs of traditional versus modern applications.

“I'll argue that you really want to turn that 90 degrees. You really want to have a conversation about, what do I do to protect traditional applications, which are primarily virtual machine–based? And then, what do I do to protect modern applications, which are primarily container-based or Kubernetes-based? Because the concepts between protecting both of them are the same, but the implementation is quite different.”

Gillis cited Log4j as evidence that attackers are adapting not only their techniques but also their objectives. While no major breach has occurred as a result of the widespread vulnerability, Gillis said, “attackers have a motivation to get in and stay in. And this is why lateral security is really a new battleground.”

According to Gillis, lateral security requires segmentation. “Segmentation is a foundational capability. If you don't have segmentation in place, you should leave this conference today.”

Segmentation Can Help Protect Your Apps

Gillis said segmentation can help limit the damage of a potential ransomware attack, explaining that ransomware begins by affecting a single machine. “Now, the attackers are going to move laterally until they find the database, a database that has some size, maybe something they recognize, and there's those credit card numbers in it. That's where the trouble starts.”

Once an attacker is able to access your network, they’re going to explore and attempt to infiltrate the entire environment. “Segmentation puts these firebreaks in place that make it harder for them to just traverse through your network and totally go into your network.”

Segmentation can be very effective in defending traditional, VM-based applications, but cloud-based applications require different methods. Gillis said the same principles apply for both modern applications and traditional apps, but cloud security involves a new concept called service mesh.

What Is a Service Mesh, and How Does It Relate to Security?

“Service mesh is quite new. Many people haven’t heard of it,” Gillis said. “A service mesh can have the same impact on that east-west security that a hypervisor has for endpoint security.”

Gillis explained that a container-based environment has significantly more tiers than a VM-based environment. “It’s not three tiers, it's maybe 300 microservices, maybe even 3,000 microservices. So, you have all these little chunks, these little snippets of code, and they're talking to each other.

“A service mesh is a little traffic cop that sits in between the little proxy that sits in between every one of those microservices. And this is an industry standard thing. This is a Kubernetes construct. And so, Amazon supports service mesh, Google supports service mesh, Azure supports service mesh.”

Gillis emphasized the importance of service mesh being an open-source framework, saying that it needs to remain open-source because it is “the last set of security tools to work on every flavor of Kubernetes that you might ever encounter.”

Photography by Joe Kuehne