Ask the Data Center Security Expert with Cisco’s Rajneesh Chopra
Rajneesh Chopra is the Director of Product Management and Marketing at Cisco for the enterprise firewall line of technologies and has more than 10 years of product management leadership experience in the networking and data center arena. He also has a very futuristic outlook and a great passion for solving big customer problems.
Rajneesh sees the confluence of mobility, power efficiency, and standardization as the key drivers for change in the next-generation data center and with implications for the way security will need to be addressed. These changes are particularly significant as they are being driven by end-users versus heavy marketing pushes, which can often artificially induce change. Rajneesh delves into each of these factors and the role they play in the next generation data center.
Read More »
Tags: data center security, end-to-end architecture, enterprise firewalls, secure mobility, SecureX
Drawing from a recent read of “Case 1: The Seeds of Dysptopia” in the World Economic Forum 2012 Global Risks 2012 Seventh Edition, it’s now more than apparent than ever that the impact of crime and terrorism in the digital world is fast mirroring that of a physical world. We’re living in an era where attempts to build a more secure world may have unintentionally gone astray as evidenced in Ellen Messmer’s Worst Security Snafus of 2012 where such consequences were clearly not imagined or intended by security vendors and businesses alike. We’re indeed dealing with the opposite of Utopia.
Our digital reality can be very fragile when one considers that how heavily we rely on mobile devices and cloud applications not only to conduct business but also in our personal lives. And the data that is transmitted via these devices and to various cloud applications is increasingly a target for scammers, thieves and hactivists.
And, it’s not only government entities, critical infrastructure and key verticals that are the targets of such attacks; in today’s climate every organization is a prime target. Take the very recent case of an Australian healthcare organization that is being held to ransom by hackers to the tune of AU$4,000 who recently hacked into their database and encrypted the data – it seems an extraordinary scenario for a small organization to be facing. Not only has their data been compromised but it has been rendered inaccessible as the organization now has to find a way to decrypt that data, which is proving to be rather challenging.
So what should organizations do to shore up their defenses? Start by treating data as the key asset to be protected versus fortifying your infrastructure. In today’s world data takes on increased significance – bank account statements, personal information, credit card numbers, trade secrets, government documents. Every one has data they need to ensure tight control off and aligning security controls to the CIA (Confidentiality, Integrity and Availability ) triad can help ensure the right measures are taken.
When we talk about confidentiality of information, it’s about about protecting information from disclosure to unauthorized parties. In addition to measures like encryption, look to beef up access controls by feeding security decisions and intelligence across various enforcement points in the network rather than only at a single choke point in the data stream. Integrity of information refers to protecting information from being modified by unauthorized parties. Leverage global correlation and threat intelligence with reputation-based feeds to protect against new threat vectors and emerging malware. Availability of information means ensuring that authorized parties are able to access the information when needed. Think of the network as a data enforcement layer and link that to a strategy that identifies users based on contextual attributes (where, when, how and business need to know) when accessing critical of confidential information assets. So, what I have outlined is a starting point towards moving one step at a time towards a Utopian Digital Future. What are your strategies? We’d love to hear from you.
Tags: data center security, malware, security decisions and intelligence
With the end of the year fast approaching and the 31st Annual Gartner Data Center Conference in Las Vegas this week, this post is dedicated to a quick reflection on emerging data center trends and their impact on security.
The global technology analyst firm Ovum expects the market to become further focused on cost-savings and efficient internal IT delivery methods with broader virtualization, cloud and the use of converged infrastructure systems in 2013. This closely mirrors the agenda for the Gartner Data Center Conference where the agenda shows focus on trends such as IT Operational Excellence, Optimal Cloud Strategies and Delivering Greater Business Value.
Read More »
Tags: AFCOM, chief privacy office, chief sustainability office, cyber threats, data center security, gartner data center conference, Ovum
Yesterday I introduced you to the Cisco Domain TenSM, Cisco Services’ framework for simplifying data center transformation. This model is applicable to both business (enterprise), public sector (e.g. government, federal) and service provider (incl telco) organizations.
Today I will summarize some key challenges that you should consider when planning a transition to cloud (as one example of data center transformation), for Domain #1 – Facilities and Infrastructure.
Cisco Domain Ten – Simplifying Data Center Transformation
Read More »
Tags: architecture, Cisco Domain Ten, Cisco Services, Cisco UCS, cloud_computing, data center, data center security, storage networks, unified computing, Unified Data Center, Unified Fabric
Data Centers are going through a rapid evolution due to industry trends of virtualization, cloud computing and bring your own device (BYOD) initiatives, putting an even greater strain on IT resources to secure the data, applications and access critical to the success of the business. Today’s data center must be secure and resilient to keep the enterprise running at maximum productivity; protecting its profitability and reputation.
The modern enterprise runs a wide array of commercial and customized applications, and the data within those applications is exactly what attackers are targeting. Those critical applications and servers within the data center continue to be the subject of targeted attacks and sophisticated malware. The 2012 Verizon Data Breach Report highlights that attacks against servers accounted for 94% of all data compromised last year. Strong security controls and visibility measures must be implemented to protect the integrity of the enterprise data center.
Click below to watch a Cisco TechwiseTV Workshop on protecting today’s data center using Cisco Intrusion Prevention Systems (IPS).
Tags: Bring your Own Device (BYOD), data center security, free webinar, intrusion detection, intrusion prevention, TechWiseTV, webinar