IT organisations do everything they can to avoid a security breach. Yet, despite employing a host of data security policies, tools and hardware, some businesses and government agencies still succumb to attacks.
According to Ponemon Institute, “data breaches continue to be costlier and result in more consumer records being lost or stolen, year after year.” The institute puts the average total cost of a data breach at $3.86 million [1]. Meanwhile, IDC forecasts that worldwide spending on security-related hardware, software and services will reach $103.1 billion in 2019, an increase of 9.4 percent over 2018 [2].
Given these stats, is a perimeter-based approach that “chases the bad” the most sensible and cost-effective security policy? With organisations putting more focus on cloud-based and cloud-native apps to serve a more-mobile workforce and customer base, traditional hardware-based approaches that focus on protecting the network perimeter may not be the best bet.
What if organisations focused on ensuring good; in other words, what if they identified good behaviour so they could more easily spot anomalies? VMware describes this as gaining a “homecourt advantage.”
"If someone were to sneak into my house, I’m going to know,” explains Tom Corn, VMware senior vice president and general manager of security products. “If there’s a noise in the playroom, study or living room, that means something isn’t right. Why don’t we take advantage of this in business? We know our digital ecosystem and how it’s used. That might be the single advantage defenders have against attackers.”
Corn proposes a security model that defines what “normal” looks like within a digital ecosystem. That means knowing how apps and users should behave and act, how the network should perform, what virtual machines should do and where your data should go.
Once that’s defined, your IT team can quickly identify abnormal behaviour and take action. The homecourt advantage approach limits the attack surface and shifts the focus to securing apps and data instead of the perimeter.
This approach makes sense in particular for businesses focused on mobile and cloud apps. Businesses with virtualised environments can leverage the unique properties of a virtual and mobile infrastructure with security that is intrinsic to the environment, rather than bolted on.
Intrinsic security is based on the “never trust, always verify” zero-trust principle that forestalls the lateral movement of a threat inside a network. Perimeter-based security approaches don’t necessarily protect what’s inside the network. Intrinsic security leverages micro-segmentation, a feature of network virtualisation platforms such as VMware NSX, to isolate workloads from one another. You can set policies for individual workloads, giving your IT teams greater control over the lateral communication that happens between servers. If a breach does occur, the threat is contained.
VMware takes micro-segmentation further with its VMware AppDefense software, which learns the intended state and behaviour of applications. If a threat is detected due to abnormal behaviour, AppDefense automatically responds by locking down the workloads that compromise applications. And AppDefense is flexible enough to accommodate the rapid rate of change of modern applications.
Interfaith Medical Center, a not-for-profit healthcare organisation that serves the residents of Kings County in New York, uses NSX for micro-segmentation and AppDefense to protect patient data. It shares medical information with patients via a patient portal and is working to improve security for its growing network of medical devices as the Internet of Things transforms healthcare.
“We want to do more than just be compliant. We want to do everything we can to protect our network and our patient data from being compromised,” explains Christopher Frenz, assistant vice president of Information Security and Infrastructure at Interfaith Medical. “That’s always a challenge with a small IT team, so we wanted to use software and automation to be more efficient.”
Frenz adds: “AppDefense complements our other security solutions very nicely by filling a gap that we didn’t have covered before. Ransomware attacks against hospitals do happen, and you can lose thousands of computers in minutes. With AppDefense and NSX Data Center bolstering our vSphere foundation [VMware’s cloud virtualisation environment], we can mitigate risk by extending a zero-trust model across the network, all the way to the endpoints. It’s a powerful combination.”
In the same way that Interfaith is ensuring a secure environment as it begins to support IoT data, Chicago-based financial services provider Alliant Credit Union is driving a digital transformation to support digital banking. “Security is the number one thing that will give users a better experience—knowing that we’re doing everything in our control to ensure that their assets are secure,” says Julio Arevalo, manager of systems engineering at Alliant.
Alliant uses VMware Horizon for desktop and applications virtualisation and it’s leveraging micro-segmentation in NSX to secure its environment inside the perimeter. “Integrating NSX with Horizon has been beneficial because we can protect the virtual machines from themselves,” says Scott Namovicz, a senior systems engineer at Alliant.
Modern organisations don’t want to be hamstrung by legacy approaches to security that don’t allow for agility and can’t adapt to the environment. Hutto Independent School District (ISD) of Texas serves a student population of 7,000, from ages 4 to 18. It requires a security environment that allows it to set security policies that make sense for a user population with diverse needs.
“Security is something that we take very seriously. It’s the unknown threat that we’re most concerned about,” says Travis Brown, director of technology at Hutto ISD.
“VMware is an integral part of our security strategy and NSX is a big part of that. It provides us with a lot of agility and enables us to make a lot of changes,” says Brown, adding that AppDefense helps his organisation be as proactive as possible. “It’s a new generation of security,” he says.
Security may not be the most glamorous aspect of digital transformation but when it’s intrinsic to your digital foundation, it enables you to operate with agility and scale—and frees your teams to innovate. Enhance your digital transformation journey by understanding how you can realise new possibilities with intrinsic security from VMware. Download our white paper, “Core Principles of Cyber Hygiene in a World of Cloud and Mobility,” to learn more.