6 Best Practices For Increasing Security In AWS In A Zero Trust World

6 Best Practices For Increasing Security In AWS In A Zero Trust World

AWS Security Best Practices Enterprises are rapidly accelerating the pace at which they’re moving workloads to Amazon Web Services (AWS) for greater cost, scale and speed advantages. And while AWS leads all others as the enterprise public cloud platform of choice, they and all Infrastructure-as-a-Service (IaaS) providers
/
Atman Rathod

UX Design in the Age of DevOps: Transformation Through Collaboration

UX Design in the Age of DevOps DevOps is popular among modern IT strategists because it leaves no scope for lapses in the development process. It incorporates a holistic approach to software development by bringing together agile development and continuous iteration from the operations team.
/
nirav-shah

Maintaining Network Performance And Security In Hybrid Cloud Environments

Hybrid Cloud Environments

After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies are retaining their existing, on-premise IT infrastructures while also embracing the latest cloud technologies. In fact, IDC predicts markets for such hybrid cloud environments will grow from the over $25 billion global market we saw in 2014 to a whopping $84 billion global market by 2019.

Hybrid cloud environments offer companies the resilience and scalability of the cloud, while also providing the compliance, availability and security typically found in on-premise infrastructures. For IT teams, hybrid infrastructures offer a variety of benefits. The on-premise infrastructure component offers secure, worry-free storage for confidential company information, for instance, and the cloud component offers the ability to easily build new networks and applications without having to worry about scalability, deployment or maintenance.

scale-the-cloud

(Image Source: Shutterstock)

Perhaps the biggest benefit of hybrid cloud environments, however, is the cost savings. Instead of needing to devote entire IT teams and significant capital to build infrastructure that can withstand occasional bursts in network usage that may occur only very rarely, companies can leverage cloud technology to offload some of their heavy network traffic and only pay for it as needed.

Given the plethora of benefits hybrid cloud infrastructures can offer, it’s no wonder so many companies are embracing such environments. However, maintaining the performance and security of hybrid cloud environments can prove difficult. Cloud technology introduces critical security risks that can seriously harm a company’s financial state, not to mention their reputation and customer satisfaction levels. Additionally, the very nature of hybrid cloud environments can put pressure on network performance, which can lead to compromised service levels or even network downtime.

To maintain high performance levels in hybrid cloud environments while also protecting your company against cyber security risks, IT departments should adhere to the following four practices:

1. Prioritize network monitoring

To successfully manage hybrid cloud environments, IT teams need to embrace monitoring solutions that can provide actionable intelligence into the state of their networks, servers and applications. Consider implementing an automatic monitoring tool that can analyze network traffic patterns and offer end-to-end visibility into your applications (e.g. remote desktops or secure file services), your availability (e.g. windows servers, virtual machines, firewalls or load balancers) and your connectivity (e.g. internet-facing links, VPN tunnels to remote offices or interface status/statistics). To ensure critical infrastructure availability and security at all times, IT teams should continually monitor the following basic network components:

  • Routers, switches, firewalls, load balancers, intrusion prevention systemsInternet connectivity, VPN sessions, network traffic and flow records
  • Servers, remote desktops, virtual machines, applications

2. Collect network flow records

bandwidth-issues

By collecting and analyzing network flow records (such as NetFlow, sFlow, J-Flow, and IPFIX), IT teams can view the overall usage of the LAN, WAN and internet, and also determine which users, applications and protocols are consuming the most bandwidth. To simplify network management, improve visibility into traffic and bandwidth usage, and drive performance, IT teams should collect network traffic information on the following:

  • Senders, receivers and conversations
  • Sender and receiver domains
  • Sender and receiver countries
  • Applications and protocols
  • Incoming and outgoing interface traffic
  • Incoming and outgoing interface utilization
  • Bandwidth usage by host and group

Additionally, IT teams should analyze network traffic based on flow data, and pinpoint any network users of non-business applications. Aligning this data with in-depth packet analysis is crucial for obtaining cohesive insights into overall network performance, which can also help reduce ISP costs.

3. Implement log management

IT teams can more effectively detect and alert on any unauthorized activity or security threats to their network by automating the collection, storage and back-up of logs. Some examples of log collection include server and application logs, security logs from firewalls, DDoS and intrusion prevention systems, Syslogs from any source, IIS web server logs, or secure file server logs. Be sure to track, alert and report on events like access and permission changes to Files, Folders and Objects, and always collect the most common log types such as Syslog, Microsoft event or W3C/IIS to help identify potential threats to your network.

With automated log collection and analysis, IT teams can proactively detect any unusual activity on their network and immediately rectify the situation. Additionally, they can leverage log management data to produce monthly reports to provide evidence for audit and compliance purposes at the corporate or executive level.

4. Run penetration tests

In order to discover any network blind spots that hackers could use to gain access to sensitive company information, IT teams should regularly run network penetration tests.

When properly performed, such testing can:

  • Determine the feasibility of certain attack vectors
  • Assess the magnitude of operational impacts by successful attacks
  • Provide evidence that your department needs a larger budget
  • Test the department’s ability to detect and defend against agile attackers
  • Identify vulnerabilities that a simple scan or security assessment might miss
  • Help meet industry compliance specifications such as PCI DSS and/or HIPAA

IT teams should also test their company’s security incidents identification and response capabilities, as well as employee security awareness and security policy compliance. Consider leveraging free, open source penetration testing tools such as Metasploit or BackTrack, as such solutions can help IT teams think like hackers and stay ahead of any potential network threats.

The benefits of hybrid cloud infrastructures are undeniable. Such environments can provide companies with impressive scalability, availability and efficiency, while also offering significant cost savings. However the security risks hybrid environments can introduce need to be taken seriously, as even the smallest network vulnerability can lead to dire consequences. Case in point: The Ponemon Institute recently calculated that the average cost to respond and remediate a network data breach averages companies over $3 million.

data-breach

Don’t jeopardize the health of your hybrid cloud environment and the future of your company. Implement flexible and comprehensive monitoring solutions to analyze your network and keep tabs on your applications, availability and connectivity. Analyze network flow records and automate the collection of logs. Lastly, run network penetration tests in order to find any infrastructure vulnerabilities and determine their specific risk. In doing so, your company can realize the benefits of hybrid cloud environments while also maintaining optimal performance and security.

By Nirav Shah,

Business Line Director, Network Management Products at Ipswitch

CloudTweaks Contributor
Leading Cloud Source Since 2009
Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information, resources and thought leadership services. Contact us for a list of our leading brand and thought leadership exposure programs.
follow me

CLOUD PARTNERS | SPONSOR SERVICES

Daren Glenister

Countdown to GDPR: Preparing for Global Data Privacy Reform

Preparing for Global Data Privacy Reform Multinational businesses who aren’t up to speed on the regulatory requirements of the European Union’s General Data Protection Regulation ...
Daren Glenister

Cyber Security Tips For Digital Collaboration

Cyber Security Tips October is National Cyber Security Awareness Month – a joint effort by the Department of Homeland Security and private industry to ensure ...
The Massive Growth of the IoT Services Market

The Massive Growth of the IoT Services Market

Growth of the IoT Services While the Internet of Things has become a popular concept among tech crowds, the consumer IoT remains fragmented. Top companies ...
Cisco News

What is the Current State of Cybersecurity in the Oil & Gas Industry?

/
How is cybersecurity viewed in your organization?  Do you feel like your company is well-positioned against cyber threats in your Operational Technology (OT) areas?  Is there acknowledgement that as more ...
BBC Tech

New Twitter algorithms aim to stamp out trolling

/
A new tool can identify Twitter accounts engaging in bullying with over 90% accuracy, according to researchers. Its algorithms classify two specific types of offensive online behaviour - cyber-bullying and ...
Nvidia News

Seasons of Learning: 700+ Interns Take NVIDIA by Storm

/
There are no coffee runs in sight for NVIDIA interns. Unless it involves building vehicles to make those runs autonomously. This year, more than 700 interns have joined NVIDIA across 30 ...

TRENDING | TECH NEWS