Up till now one of the functions organizations have looked to the Cloud to provide is backup of infrastructure. Now throughout this article wherever there is reference to cloud computing it should be assumed the cloud service could be using an externally hosted using a Cloud service provider, hosted on your own equipment (Private cloud) or a combination of both (Hybrid cloud).
Today there is a greater acceptance of the Clouds role within a company’s risk mitigation strategy as this backup a option that has gradually replaced the use of physical on premise equipment. In their haste many companies, haven’t been quite as careful as they should to plan the subsequent changes this shift has made on the security of their platforms, and in some case have opened up new holes that were previously unthought-of.
Industry has within this new period found that building complex security options by means of firewalls and control procedures around their physical systems is the most logical precaution, but in doing this it has become clear that traditional security measures come at a high cost and are still not all together without their own risks.
The world has been moving towards virtualization for some time. Several years back their was a misconception that Virtual machines were slower but as always technology has advanced to close that gap. This has given rise to an entire industry that uses virtual systems, data processing centers to provide a pay as you go service (SaaS, IaaS, PasS). These new hosted services running on virtual platforms have an altogether new range of issues that a business professional must take into consideration.
Typically the issues management should consider are the threat of loss through; system disaster, hacking , neglect, human error , business growth or decline, virus, denial of service just for starters.
It makes good sense and is supported by a long list of success cases, to transition your existing on premise systems to virtualized systems running on either a separate sever hosted in the cloud or your own private cloud hosted on premise. All the major development and new ideas will be directed towards this type of technology, and although single purpose server will remain around for many years to come, its clear that all the new innovations will surface first on technologies that take advantage for virtualization principles, be that VMware, Docker (application) contains or Microsoft services.
From a security and management standpoint, the first step for any company is to; after moving from physical to virtual servers for hosting of business systems to then merge physical / server centric security / server management systems to those provided by vendors (Virtualization and Hypervisor platforms). Whilst their effectiveness can vary (with virtualization focused strategy for VM's and hypervisor within the virtual system) , it is clear that using the traditional security practices will not be enough moving forward. A different approach widely adopted can be separate security and infrastructure and that's where virtualization performs a vital function.
Regardless of whether the company increasing it’s use of virtualization or just transitioning existing servers to a virtual platform, here are some ideas on the benefits.
Variety provides multiple layers of protection
The sheer number of software applications, configurations, business requirements, industries and personal creative biases that are used across systems these days, makes it improbable that identical infrastructures are created. Therefore given each company’s infrastructure in itself unique, this helps to provide a security barrier to any would be perpetrator trying to discover, learn a new environment. So it makes the systems more difficult to crack, and even if the penetrator has deep knowledge of a specific product, it is highly unlikely he/she would know how it is used, configured in your environment. The inverse of this is of course new staff joining an organization has to start all over to learn "where things are", but most firms have induction programs to overcome this.
Then there is the number of applications, vendor supplied tools, API's and technologies making it difficult for any would be hacker to know enough to have sufficient experience across all disciplines to be a threat to a modern system.
Again the flip side of this is also that your staff have to be specialized and wont ever become fully acquainted with all the systems in use within your infrastructure. Virtualization is of assistance here as it manages the majority of the tasks needed to protect, recover and maintain the server instances that host your company data and applications. These virtual machines can deploy software using entire server (instances) or as what is called "micro-segmentation" or "application containers" which offer additional layers of protection along side improved performance and further protection against failure coming when applying new software updates. Security solutions are today custom built to each and every environment, and will differ greatly from company to company.
Virtualization means systems are always on-line
More and more people are recognizing new benefits from having systems always available.
In the past machines needed to be periodically shut down for a variety of reasons. When they were down or undergoing restart people were locked out of the machine and productivity and business opportunity was lost.
Today the nature of virtualization is such that on line backup, snapshot capabilities allow servers to be constantly on and in rare cases where for example an upgrade is underway, people can be quickly provided with a "Cloned" version of a machine to use whilst the main machine is undergoing maintenance.
Another benefit of virtualization is in its ability to allow the business to quickly try new ideas and at a low cost. Business units can test a new idea on a server in minutes, whereas with traditional infrastructure, new servers, capital expenditure, staff and resources would need to be found and allocated.
This is not so with virtualization. Today businesses are discover the benefits of being able to spin up a new server and test an idea , market or process with minimal additional costs. A functional manager can approve these projects within their local budget.
Innovation in a sense becomes more a part of day to day activity rather than a strategic capital outlay.
These virtual business experiments can be localized so any possible to avoid security holes being exposed to anyone outside the business unit. Access would always be restricted to specific people or groups to mitigate risk.
Your systems can be accessed internally or externally and today security and encryption technologies are much stronger than 10 years ago, but the centralised control of all these machine is what gives your organization the greatest protection through it's virtualized environment. The premise behind control is not just to protect servers and all their data. It is to manage access to smaller parts of the infrastructure and give granular control and reporting over usage and access that you can manage centrally with the click of a button.
Modern systems are not constrained to the practice of reading log files to identify problems; they are instead systems capable of warning and even take counter measures when there is a problem.
- Once we relied on a firewall to protect our systems and these were usually a physical box.
Today in which it is considered to be a sophisticated program that can be configured to your environment. Modern virtualized environments give the business to manage software and data at a more micro level. It provides virtual walls that can encapsulate small virtual servers around specific data and applications. These partitions don’t prevent the applications from exchanging data with other enterprise applications.
- Alerts and reconfiguration.
Most virtual environments are now managed by software. Using this it is possible to configure systems to respond to events. Systems can respond to events by; Cutting access, sending email or SMS, answer phone calls and / or telephone security the company, specific people to alert them of pending issues.
Some small to medium enterprises are using virtualization and container based applications on Network Access Storage devices (NAS), iOT, IFTTT and open source free software to take actions in response to events. These actions might include turning on/off equipment, lights, sending messages, locking doors. Many of these environments use virtualization for the more traditional multi-user server access by staff. What is new is the user of smaller servers running as Docker containers or micro-services that perform just one specific task such as interfacing with small iOT devices or managing a task in conjunction with IFTTT.
- Embracing New technologies.
Some businesses are using virtualization to make use progressive technologies such as Google Home assistant. One company uses Google Home to accept verbal commands to control equipment and assist with routine tasks.
Making businesses more successful
The cultures of modern companies have changed and users that are no longer just a group of people working in offices around the country. Users are partners, shareholders, the industry and as always customers. All these people communicate with the business at different times and in different ways. The modern-day business really needs to keep up it's competencies so it can react to these needs as they arise.
Much of the initial discussion around use of virtualization within a business starts with the financial justification, which is almost always based on risk and cost saving. Whilst these outcomes and benefits are real and cannot be ignored I would encourage businesses to step back and greet the bigger picture. Virtualization and application containers will be at the forefront of business innovation for the foreseeable future and it’s important to companies to develop the internal competencies needed to use it. It seems likely that company's all firms will need this to be successful in the future and the earlier adopters should gain an early competitive advantage.