DatacenterDynamics by Country

Country missing? Please select your nearest region...

IT professionals have it tough today. Constantly under close scrutiny by the business to support innovation and create a more efficient and resilient organization, IT also needs to manage the never-ending security threats that come hand-in-hand with this user-centric world. Driving innovation whilst mitigating risk can indeed sometimes seem like an impossible equation.

 

The feeling of ‘losing control’ is closely aligned with innovation. After years of maintaining a stalwart approach to the centralised control, delivery and management of IT, the end-user and their consumer devices, along with technologies such as virtualization, are becoming disruptive forces in changing the traditional power structure.

 

It’s certainly not a bad thing – indeed, delving outside of your comfort zone is often when the best innovations occur – however, such shifts make it increasingly difficult to manage security and prevent new threats from impacting the organization. As technology continues to outpace compliance and governance policies, the issue suddenly becomes more prominent.

 

Security plays a vital role in any virtualized workplace. Employees require access to a range of applications on multiple security systems that already have stringent security policies in place, but in order to provide isolated access, they require security without compromise. IT is tasked with the challenge of enabling access, while keeping information secure.

 

It is certainly becoming more difficult, which events over the past year have highlighted. For instance, the number of targeted cyber-attacks on organizations, and malware-embedded phishing attacks on specific executives, demonstrate a new way of thinking by cyber-criminals who are exploiting technology innovation to cause disruption to organizations and benefit for their own personal gain. Indeed, recent research from Juniper Networks’ annual Malicious Mobile Threats Report noted a 472% increase in Android malware samples since July 2011, with October and November shaping up to see the fastest growth in Android malware in the history of the platform.

 

Cybercriminals are also becoming more sophisticated in the malware they write. Earlier this year, Juniper began seeing Android malware that was capable of leveraging one of several platform vulnerabilities where it could then gain root access onto devices and run in the background. It would then install additional packages to the device to extend the functionality of the malware and gain access to the user’s personal or business information. If this malware uploads onto a server and spreads through the network, organisations have a massive problem on their hands. Nearly every piece of malware that is released today contains such capabilities, simply because the vulnerabilities remain prevalent in nearly 90 per cent of Android devices, which users are usually oblivious to.

 

With the consumerization of IT increasingly becoming a reality, and virtualization becoming more prevalent, these threats are being brought into the workplace. Without the right security measures in place, such attacks can cause widespread disorder, and a very public disaster. It’s important for IT to have a holistic view of the environment, define policies, automate enforcement and focus on securing the data centre. They also need to be acutely aware of the network and the problems that can arise if malware gets into the heart of the organisation’s data source.

 

To protect the network today, it’s no longer good enough to know what is on the network; organisations must know who is on the network and what they can see and do. They also need security tools that are designed for today’s data centre environments – they must be dynamic and identity aware, and they must deliver application visibility.