Five Security Best Practices for Cloud and Virtualization Platforms

The growth of data, users, virtual systems, and the cloud itself has created new security concerns spanning the entire data center. There are new types of targets, advanced attack vectors, and a lot of valuable information that can be compromised. In March of 2013, we saw a DDoS attack against Spamhaus which shook the cloud world. A 300+Gbps peak DDoS attack was registered. A recent Arbor Networks article puts it into perspective: “This is the largest known DDoS attack to date by a significant margin. The previous largest reported (and verified) attacks were at around 100Gb/sec. However, this is not the only example of a large (damaging) DNS reflection/amplification attack to have taken place this year.” More recently, Juniper Research pointed out that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019, increasing to almost four times the estimated cost of breaches in 2015.

It’s no wonder that respondents to the latest AFCOM State of the Data Center survey indicate that security is still a top concern when implementing a cloud architecture. Not surprisingly, 32 percent said that security continues to be a big concern around both physical and logical aspects of the cloud.

What are you doing to better protect your virtual platform and cloud environment? Are you creating an intelligent system that can handle these new types of threats? Although there are many solid ideas and best practices, here are five that will get you ahead of the game.

1. Utilize intuitive management. Virtualization and cloud computing have helped expand the modern data center. Just like these systems, your security platform must be able to scale. This means utilizing one intuitive security management console for multiple data center and virtualization points. Using permissions, administrators can have specific access to authorized security areas. This unified console allows for improved visibility into the complete virtual layer as well as the workloads accessing virtual resources.
2. Create security efficiency. One misconception is that security is just an extra layer creating additional overhead. The reality is that it doesn’t have to be. Better integration at the hypervisor layer, improved resource utilization, and even agentless technology are all improving how your security platform integrates with your data center. Security can help improve efficiency by allowing administrators to deploy solid policies while still maintaining VM density.
3. Integrate security scalability. Modern cloud and virtualization environments now span multiple locations. In the same respect, your security platform must be able to scale as well. Whether you have instances in public, private, or hybrid cloud, your security must be able to handle new types of requirements. Scalable security means the capability to handle high-density multi-tenant cloud and virtualization environments. So, if you’re spanning multiple cloud types and data centers, make sure to utilize a security solution that can span as well.
4. Be proactive! Imagine being able to capture malicious attacks before they even hit your VM or to enforce policies while a virtual workload is only being provisioned. Creating security intelligence and automation allows administrators to focus on new types of deployment methodologies while allowing the security engine to operate. As attacks against the modern data center continue to evolve, your security infrastructure will need to stay proactive and agile.
5. Integrating compliance and regulation. For those organizations bound by compliance and regulations, cloud infrastructure can be a bit of a challenge. With that in mind, you can still deploy security platforms which will enforce PCI-DSS, HIPAA, and Sarbanes-Oxley compliance and security standards. These security platforms go far beyond standard AV services. Compliance-ready security platforms will utilize integrated firewalls, intrusion detection services, and even ensure complete traffic control and isolation between virtual workloads.

Remember, there are a lot of great ways to optimize and enhance your virtualization and cloud infrastructure. However, it’s always critical to take security into direct consideration. With modern security platforms, data center administrators can truly leverage scalable intelligence. Policies, controls, and visibility now scale between data centers and various data points. Security isn’t just a component of your environment; it is also a means to directly optimize and enhance the performance of your virtual platform.