AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.

Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt
Search in comments
Filter by Custom Post Type
Posts

Never Forget the Physical Aspects of Corporate Security

by
[addtoany]

It’s all about cloud computing these days. Our ability to deliver rich content, streamline data control, and develop advanced virtual technologies are all fueling the expansion of the cloud environment.  But through all of these advancements we must never forget one very important fact: The cloud has to live somewhere – and that somewhere is the data center.

Cloud security is critical. We have a lot of next-generation cloud-ready security technologies providing virtual services, IPS/IDS, and other key functions. But what about the physical side of corporate security? What about the latest trends around the endpoint? What about securing the physical firewall as it acts as the gateway for most cloud traffic? As much as security in the cloud is important – physical corporate security shouldn’t be overlooked.

  • Understanding the new kind of endpoint. It’s no longer just the desktop out there. In fact, the very concept of a desktop is quickly changing. The modern user is highly connected, highly mobile and always on. So how do you keep up? How do you secure these endpoints? You really don’t. You work to secure the data. There is a revolution going on around physical endpoint control. Organizations are asking the simple question of “why should I be responsible for it?” And – they’re right. As a corporation, you’re able to deliver virtual applications, desktops and secure file sharing all onto a verified user-owned device. You’re able to enact physical security policies like ensuring a secure connection, that there is an updated AV, and that the user has authenticated with appropriate dual-factor authentication. The idea with this new kind of corporate endpoint is why secure a cheap device when nothing will be stored on it anyway.
  • Creating good security policies. In the healthcare world some of the biggest breaches are the result of an unlocked server room or poorly encrypted Excel files. Good security policies span users, data centers, devices, and more. There are two ways to look at this. From a security policy perspective – there are new technologies which help automate the entire security policy change workflow. This means from submission and design to risk analysis, implementation, validation and audit. Furthermore, this unique technology can automatically implement recommended policy changes directly on the device, saving time and avoiding manual errors. Physical corporate security will also span data centers, the racks within them and all of the data that flows through that network. One of the biggest pieces of advice around a good corporate security policy is to ensure a truly well-planned out and comprehensive approach to holistic security. Beyond that – never get complacent and always test against those policies.
  • Controlling your cloud gateway/firewall. The gateway to your private or hybrid cloud platform will still heavily rely on the firewall architecture. Now, more than ever before – your firewall environment is truly expansive. You may be encompassing several data centers and numerous branch locations. These are all data and cloud points. New firewall-analyzing technologies help create powerful maps around traffic, network flow, and security controls which span your entire cloud architecture. Physical corporate security relies on the physical gatekeepers to your data center and internal environment. Good firewall analyzer technologies allow you to have visibility around complex networks and security policies across a broad range of devices and vendors. All of this allows you to make daily firewall operations easier and more effective. From a proactive approach – controlling your distributed firewall architecture with a firewall analyzer allows you to generate an interactive topology map of all network firewalls and routers, subnets and zones, and delivers instant visibility of the impact of security policies on network traffic through powerful troubleshooting, change planning and “what-if” queries.

It’s clear that cloud isn’t going anywhere. In fact, organizations are now directly building their entire business model around the capabilities of cloud computing. Still, for those enterprises working with a hybrid cloud model or their own private instances – securing the physical side of your corporate environment is critical. When you begin to understand everything from endpoint to rack security – you’ll see the full spectrum of corporate security control. Good security practices can scale from desktop to cloud – and beyond.

Subscribe to Blog

Receive notifications of new posts by email.