Hybrid IT presents SecOps challenges
The Department of Defense (DoD) has long been at the tip of the spear when it comes to successfully melding IT security and operations (SecOps). Over the past few decades, the DoD has shown consistent leadership through a commitment to bringing security awareness into just about every facet of its operations. The growing popularity of hybrid IT poses a challenge to the DoD’s well-honed approach to SecOps.
An increasing number of public sector agencies are moving at least some of their services and applications to the cloud while continuing to maintain critical portions of their infrastructures on-site. This migration is hampered by increased security concerns as agency teams grapple with items like the disconcerting concept of relinquishing control of their data to a third party, or documenting a system access list without knowing everyone behind the cloud provider’s infrastructure.
Here are five strategies teams can employ to help ensure balance and maintain the DoD’s reputation as a model for SecOps success.
Foster an agency-wide commitment to high security standards
The secure-by-design concept does not just apply to the creation of software; it must be a value shared by workers throughout the agency. Everyone, from the CIO down, should be trained on the agency’s specific security protocols and committed to upholding the agency’s high security standards.
Establish clear visibility into hybrid IT environments
Gaining clear visibility into applications and data as they move on- and off-premises is essential. Therefore, agencies should employ next-generation monitoring capabilities that allow SecOps teams to monitor applications wherever they may be. Tools can also be used to help ensure that they have established the appropriate network perimeters and to keep tabs on overall application performance for better quality of service. System and application monitors should be able to provide a complete environmental view to help identify recent and historic trends.
Rely on data to identify potential security holes
Identifying vulnerabilities requires complete data visualization across all networking components, whether they exist on-site or off. Teams should be able to select different sets of metrics of their choice, and easily view activity spikes or anomalies that correspond to those metrics. A graphical representation of the overlaid data can help pinpoint potential issues that deserve immediate attention.
Stay patched and create a software inventory whitelist
Software should be routinely updated to fortify it against the latest viruses and vulnerabilities. Ensure that you track the release of your patches, and make certain you have a documented and tested plan and rollout strategy. The ease of an automated patch management system can quickly become your biggest nightmare if you haven’t done proper validation.
SecOps teams should also collaborate on the creation of a software inventory whitelist. Teams should carefully research the software that is available to them and create a list of solutions that fit their criteria and agency security parameters. The NIST Guide to Application Whitelisting
is a good starting point.
Hybrid IT is challenging the DoD to up its admirable SecOps game. The organization will need to make some strategic adjustments to overcome the challenges that hybrid IT poses, but doing so will undoubtedly yield beneficial results. Agencies will be able to reap the many benefits of hybrid IT while also improving their security postures. That is a win/win for both security and operations teams.
Find the full article on SIGNAL