Micro-Segmentation on the Rise for Cloud Security

Micro-Segmentation on the Rise for Cloud Security

The rise in cloud computing and services has meant that organizations have embraced an on-demand infrastructure that enables technical resources to be delivered in an easily consumed and cost-efficient model. Unsurprisingly, software-based approaches to security are also on the rise, which are a better fit than traditional hardware-centric solutions to secure multi-cloud environments.

Results from a security-as-a-service survey by ESG and vArmour show that the top three most desired cloud security attributes are: extensibility (across private and public clouds); scalability (to match cloud resources) and infrastructure agnosticism (independence from underlying IT infrastructure).

In addition, organizations report lowering costs (both CapEx and OpEx) as two of the top three reasons for adopting cloud—making cost an imperative factor to consider when purchasing tools to secure these dynamic environments.

"Given organizations' adoption of cloud architectures and the consistent rise of attacks, more advanced security tactics, such as micro-segmentation, are necessary to lower the risks and costs associated with cybercrime," said Jon Oltsik, ESG senior principal analyst and the founder of the firm's cybersecurity practice.

About half of respondents in an ESG survey set to be released later in the year (51%) listed workload segmentation as a high priority for their cloud security architectures, with 81% of respondents planning to deploy micro-segmentation in the next six to 12 months.

Micro-segmentation brings security inside the data center and makes it available for every workload, not just the critical or regulated systems. It looks at the inherent characteristics of the workload, tying this information back to the security policy and applying it depending on the type of workload, what it will be used for and what kinds of data are being handled.

"Cloud security must adapt to an environment where workloads are decoupled from the physical hardware and delivered from a fabric of pooled resources," said Alan Waite, research director for Gartner’s Technical Professionals Security and Risk Management Strategies team. "As you plan your security approach to your private cloud, you can also lay the groundwork for managing workloads in the public cloud. One way to do this is to provide security as a set of on-demand, scalable services."

As ever, usability will be key to true adoption of the approach. “These micro-segmentation technologies must be simple to use and economical to acquire and maintain, to match the expectations of modern IT delivery models,” said Oltsik.

Photo © Melpomene

Source: Information Security Magazine