5 Ways Multi-Cloud Discovery Can Enhance IT Security

2017 is almost over and, as expected, it has set new records in technology adoption, driven by the transformation of traditional businesses into digital enterprises. Several huge security breaches have been in the news this year, and the threat level continues to grow, with cybercrime getting more organized and derailing the power of new technology.

If your organization is still struggling with ways to improve security, here are 5 ways to more efficiently bridge the gap between IT security teams and operations teams by leveraging the insight provided by data center discovery and dependency mapping.

#1 Build a common configuration repository

Establishing a configuration management process across the enterprise allows you to break silos when decisions are made that involve enterprise architecture, systems management, and IT security. Using a common repository for configuration data enables you to reduce the effort required to gather and maintain quality data from multiple sources, agree on data formats, and speak common languages.

Leveraging a comprehensive heterogeneous cloud discovery and dependency mapping solution also helps reduce implementation complexity. This drives requirements for such solutions to address hybrid and multi-cloud deployments, be scalable, be secured through industry certifications (e.g. FIPS 140-2, Common Criteria), and be able to integrate with security tools (e.g. PAM such as CyberArk, portals such as BMC Threat Director, SIEM, etc.).

I have seen many implementations come to faster success via a close partnership between the configuration management team and the IT security group who provide access authorizations. This is made possible by prioritizing the benefits of relying on trusted and up-to-date data over the risks of giving such access rights.

#2 Leverage automated inventory scans for compliance

Internal or regulatory compliance (e.g. PCI, SOX, HIPAA) requires regular assessment of the asset inventory and of each asset's business function.

However, a mature organization should consider inventory audits as non-events, and rather target continuous checks and improvements. It is much more cost-effective to implement automated discovery that guarantees always-available, high-quality reports.

Also, at the pace of change required by digital transformation, inventory data is difficult to gather and maintain. A benefit to a multi-cloud approach is to avoid vendor lock-in, so you can expect even more change going forward. There are many benefits to establishing good discovery practices, including identifying integrations with virtualization or cloud APIs as well as identifying unknown use of applications and servers, commonly referred to as Shadow IT. Now might be a good time to review how you keep track of your compute, software, network and storage inventory and seek optimizations.

#3 Consistently identify misconfigurations

Many security breaches are a direct result of misconfigurations. Another benefit of multi-cloud discovery is achieved through leveraging its data to participate in the vulnerability management process.

Through the richness of the raw data that is gathered, as well as the additional intelligence used to interpret this data, derive relationships, etc., it is possible to proactively identify misconfigurations:

  • This can be basic technical data such as ports that should not be open, unsupported hardware, unauthorized or vulnerable software or operating systems
  • It can also be components that are not attached to a business function or that do not have the baseline security tools installed
  • And dependency mapping can participate in more complex assessments such as disaster recovery or when merging infrastructure post-acquisition

Having a well-established process relying on trusted data to address configuration issues can lead you to quick wins in protecting your organization.
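The checks listed above can be expressed as rules over discovery records. The following is an added example, not code from the original post or from any discovery product; the record fields, policy values and inventory entries are all constructed assumptions.

```python
# Constructed policy values (assumptions, not from the post or any product).
FORBIDDEN_PORTS = {21: "ftp", 23: "telnet", 3389: "rdp"}
UNSUPPORTED_OS = {"Windows Server 2003", "CentOS 5"}
UNAUTHORIZED_SOFTWARE = {"teamviewer"}
REQUIRED_TOOLS = {"edr-agent", "log-forwarder"}

# Constructed discovery records; field names are hypothetical.
INVENTORY = [
    {"host": "web01", "os": "Ubuntu 22.04", "open_ports": [22, 443],
     "software": ["nginx"], "business_service": "Online Store",
     "tools": ["edr-agent", "log-forwarder"]},
    {"host": "legacy07", "os": "Windows Server 2003",
     "open_ports": [23, 445, 3389], "software": ["teamviewer"],
     "business_service": None, "tools": ["log-forwarder"]},
]


def audit(record):
    """Return (rule, detail) findings for one discovered component."""
    findings = []
    # Basic technical data: ports, operating system, installed software.
    for port in sorted(set(record["open_ports"]) & set(FORBIDDEN_PORTS)):
        findings.append(("forbidden-port", f"{port}/{FORBIDDEN_PORTS[port]}"))
    if record["os"] in UNSUPPORTED_OS:
        findings.append(("unsupported-os", record["os"]))
    for name in sorted(set(record["software"]) & UNAUTHORIZED_SOFTWARE):
        findings.append(("unauthorized-software", name))
    # Context checks: no owning business function, missing baseline tools.
    if not record.get("business_service"):
        findings.append(("no-business-function", record["host"]))
    for tool in sorted(REQUIRED_TOOLS - set(record["tools"])):
        findings.append(("missing-baseline-tool", tool))
    return findings


def audit_inventory(inventory):
    """Map each non-compliant host to its findings; clean hosts are omitted."""
    report = {}
    for record in inventory:
        findings = audit(record)
        if findings:
            report[record["host"]] = findings
    return report


if __name__ == "__main__":
    for host, findings in audit_inventory(INVENTORY).items():
        print(host, findings)
```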

#4 Pragmatically prioritize remediation

Because eradicating all vulnerabilities is impossible, organizations need to prioritize vulnerabilities to isolate those that have the greatest impact, and deploy resources in the most effective manner possible.

Vulnerability knowledge bases and scanning tools allow you to sort security issue criticality, but a second angle to prioritization is to look at application maps and impact models to determine the exposure to the business.

Data center discovery and dependency mapping augments the vulnerability management process by:

  • Providing insight into how applications are deployed and protected (e.g. it might not matter as much that a web server is vulnerable to certain attacks if it is protected by a firewall)
  • Providing the business context to infrastructure components (e.g. adjust the priorities based on the business impact that would result from loss of data or disruption)
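An added example of this second angle, not taken from the original post or any product: scanner severity is weighted by exposure and by the most critical business service the dependency map reaches from the vulnerable component. The graph, weights and finding IDs are constructed assumptions.

```python
from collections import deque

# Constructed dependency map: component -> things that depend on it.
DEPENDENTS = {
    "db01": ["app01", "app02"],
    "app01": ["web01"],
    "web01": ["Online Store"],
    "app02": ["Intranet Wiki"],
    "web02": ["Intranet Wiki"],
}
# Constructed business-impact weights per business service (0..1).
BUSINESS_IMPACT = {"Online Store": 1.0, "Intranet Wiki": 0.3}
BEHIND_FIREWALL = {"db01", "app01", "app02", "web02"}
FIREWALLED_WEIGHT = 0.5   # assumption: a protecting firewall halves exposure
UNMAPPED_IMPACT = 0.5     # assumption: unknown business context is mid-range

# Constructed scanner output: (host, finding id, severity 0-10).
FINDINGS = [("web02", "VULN-A", 9.8), ("web01", "VULN-B", 7.5),
            ("db01", "VULN-C", 6.5)]


def business_services(component):
    """Walk up the dependency map; return the business services reached."""
    seen, queue, services = {component}, deque([component]), set()
    while queue:
        node = queue.popleft()
        if node in BUSINESS_IMPACT:
            services.add(node)
        for parent in DEPENDENTS.get(node, []):
            if parent not in seen:
                seen.add(parent)
                queue.append(parent)
    return services


def prioritize(findings):
    """Rank findings by severity x exposure x business impact, highest first."""
    ranked = []
    for host, vuln_id, severity in findings:
        services = business_services(host)
        impact = max((BUSINESS_IMPACT[s] for s in services),
                     default=UNMAPPED_IMPACT)
        exposure = FIREWALLED_WEIGHT if host in BEHIND_FIREWALL else 1.0
        score = round(severity * exposure * impact, 2)
        ranked.append((score, vuln_id, host, sorted(services)))
    return sorted(ranked, key=lambda r: r[0], reverse=True)


if __name__ == "__main__":
    for row in prioritize(FINDINGS):
        print(row)
```

With this sample data the highest scanner severity (VULN-A) ends up last, because its host sits behind a firewall and supports only a low-impact service.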

#5 Strengthen change management

A challenge that is commonly faced is the friction between security teams that make system configuration recommendations (e.g. patches to deploy) and operations teams who are focused on reliability and availability.

This friction frequently results in lengthy decision cycles with an unacceptable window of exposure, and potential re-work or unplanned downtime.

Multi-cloud discovery and dependency mapping delivers an accurate and comprehensive understanding of change impacts to ensure that security implementation and remediation plans are appropriate and will result in a smooth transition. It also allows changes to be properly tracked over time.

This results in faster decisions, safer rollouts, and improved collaboration.

Now is a good time to review your change management process and ensure it relies on robust data. The benefits will extend beyond IT security.

I wish you and your organizations a safe end of the year, and recommend you visit the BMC SecOps webpage or try BMC Discovery for yourself. In addition, we invite you to read the new Forbes Insights Security Survey to see how you can benefit your security practice.

This post updated 10/17/2017

These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.

Raphael Chauvel

Raphaël Chauvel is a Director of Product Management at BMC Software and has 20 years of experience in developing and marketing products in the areas of Data Center Discovery, IT Service Management, and Client Management. Raphaël is currently leading product management for BMC Atrium CMDB, BMC Discovery, and BMC Client Management. His team focuses on managing product strategy, ensuring product lifecycle aligns with customer and business needs, and that BMC and partners are enabled to these products. He joined BMC in February 2012 with the acquisition of Numara Software and currently resides in France.