How does a security framework help to prevent, detect, thwart and mitigate cyber threats

With the unprecedented growth of Managed security services market and the growing acceptance of Security-as-a-service delivery offered by cloud based companies for enterprises and small and medium businesses alike to reduce OPEX and CAPEX related security. Managed security service providers (MSSPs) need to up their ante in addressing the growing threat and their advanced threat protection (ATP) services.

To do that we need to have a Structured Advanced Threat Protection Framework to provide organisations an answer to the new class of advanced targeted attacks. And since there is no all in one solution to assure Protection from a Sophisticated targeted attack, MSSPs should deploy several security technologies with an eye to provide a complete ATP solution. And since, all the range of security software’s available has its own set of strengths and weaknesses. MSSPs should deploy the software’s in such a way that one software’s weakness can be compensated using another software.

FRAMEWORK OF MSSP

“Prevention is better than cure”:

The first step is to prevent the intrusion of threats in to the network by deployment of purpose built software’s like antivirus, antimalware’s and e.tc, to prevent known threats from entering the network. Then through network behaviour analysis we should flag traffic and any activity indicative of an attack in progress like malformed protocols, anomalous traffic associated with vulnerability exploit attempts, Fast flux activity and more. Then we should authenticate legitimate users with the help of authentication software’s and ensure endpoint security in Mobile and BYOD environments.

“You have to be vigilant about keeping your own fire alive.” ― Tift Merritt

The second step is to monitor and detect the suspicious unknown code through IPS and IDS software’s. So, we can sandbox it to analyse by sending it through a network sniffing device to know if it is malicious or not. If its malicious then we can move on to mitigate it as the third step.

“I think malware is a significant threat because the mitigation, like antivirus software, hasn't evolved to a point to really mitigate the risk to a reasonable degree.”- Kevin Mitnick

Upon detecting a threat through the sandbox an alarm will be raised to SOC and its customer to take immediate mitigation to ensure the safety of resources and data. At the same time the response is taken for the improvement of gateway services for fixes and implementing it on all security layers and being delivered to different security enforcement points to update Antivirus and Intrusion prevention systems signatures and e.tc. So, that the threat will be known in all levels and can prevent the threat in the future.

This complete framework’s flexibility in terms of all available options allows MSSP to tailor the best ATP service for each customer’s need. Veeras.com

Considerations inside cloud migration

Cloud Migration is a complicated and intricate process. There are few factors that needs to be considered when an organization is migrating to cloud.

Data Management:

Data management should be a priority when moving to cloud. Have an archival and DR strategy in place. Data frequently used by users that does not change should be near the user. This can be in the form of cache.

Cloud Consideration: 

Application Migration Approaches:

 We should promptly plan for application migration based on short and long term business goals.

•         Virtualization:

                Virtualization facilitates quick and easy migration of cloud as no alteration is required.

•         Application migration:

                  In this process application goes through a minimal architectural modification to make it optimal for cloud deployment.

•          Application Refactoring:

                  This model requires major revamp of application right from the architecture to make use of the latest technology stack.

Re-Platforming:

This is mainly done for platform compatibility issues.

Integration:

  An organization may have their own application and want to retain it in their premises, they also want this application to communicate to the applications in the cloud. This could lead to performance issues if the applications are not properly integrated.

Licensing:

 The applications should have a cloud based license to be deployed effectively in the cloud.

Security

Since your application/ Data will not be on premise and will be sharing space in the cloud provider’s data-center with other organization’s application there is a need to make sure that the applications are securely protected from threats.

Automation

Automation is one of the major advantages of cloud migration. Try to leverage automation as much as possible in your cloud infrastructure. This can enhance performance.

Network configuration

Communication between internal applications should not be through the internet to minimize costs and security risks. External communication can be through internet.

Vendor Lock In

Vendor lock in can happen with cloud providers as integration between different cloud providers is a difficult proposition. So when looking for a cloud provider it is best to compare all the features before choosing any particular cloud vendor. veeras.com

    

Storage Optimization and It's Need

It is storing data in an efficient and effective way as possible and utilizing the storage to its full capacity without decrease in performance.

Technologies like Thin provisioning (Allocating resources only when required), Deduplication (Storing a single instance of duplicated data) and compression are mainly used for storage optimization.

STORAGE OPTIMIZATION AND SECURITY

Every organization has different storage needs. To arrive at an appropriate solution, the storage needs of the organization must be assessed, the performance required (IOPS) evaluated. There are a select few companies who have the necessary proficiency in assessing the organization needs and suggesting an appropriate storage solution.

These Storage Optimization Leaders have gained this proficiency through working in many different customer environments across verticals. 

Need for Storage Optimization:

     There is an explosive and exponential growth of data across many industries and verticals. With the benefits garnered from analytics and big data through insights into the business, many companies are seeing huge data increase in their organization.

This puts a strain on the IT department to increase storage space. Buying new hardware for this purpose is a costly proposition and puts a strain on the IT budget.

At most times, the storage space is not used as effectively and efficiently as possible. Thick provisioning allocates fixed amount of storage space to each application. This space cannot be used by any other application, even when the space is not being utilized.

Most data in a storage are copies of one another. Imagine the amount of space that could be saved if repeated blocks of data do not occupy space.

To reduce IT costs and complexity, there is a need for storage Optimization. Veeras.com