Your network today extends well beyond the traditional boundaries once imposed by the company LAN and the four walls of the data center. Your business relies on access to sensitive information and applications from branch offices, IoT devices, mobile employees, partners, vendors, customers, and suppliers. Cloud-based workloads are pushing your network edge farther and farther away from the control of IT. And in the post-pandemic world, the decentralization of your network has only accelerated.
What hasn’t changed, however, is that your data center serves as the hub of this ever-expanding network of interconnected devices, people, and data. This makes your data center an attractive target for hackers because typically it houses your organization’s most sensitive data and applications. These may include financial information, IP and trade secrets, customer data, as well as the HR, ERP, CRM, finance, supply chain, and other applications that serve as your business and operational backbone.
The attack vectors and areas of exploitation are varied and include: porous corporate networks that are responding to an increasing number of API calls; open ports; unsecured devices; lax, missing or unenforced security policies; partner access to sensitive data and applications; configuration errors; missed updates and patches; outdated and unsupported hardware and software; insider threats; malware (in all its forms); and open, unsegmented network architectures inside the data center. The list is long and grows longer by the day as you expand your digital footprint.
Unless it is completely cloud-based, you run your data center alongside one or more public cloud providers. While giving your organization an elastic infrastructure that responds quickly to changing business resource needs, this scenario introduces vulnerabilities as the attack surface expands to include any security issues within your cloud provider’s infrastructure or with its employees. And then there are containers and virtual machines, which are spun up and decommissioned with such ease and frequency that their numbers can increase. Microservices architectures also add to the problem as application functionality is being broken apart into independently deployable services that are called by many different applications across your enterprise.
This growing complexity creates a spaghetti diagram of east-west/north-south data and application traffic that is nearly impossible to decipher, track, or effectively secure. Nor are these dependencies static. Every time someone or something is added to or removed from the network, your diagram changes. It is precisely this complexity that allows bad actors to hide in plain sight – exploring your network, learning patterns, and finding security holes – until the time is right to strike.
High Walls and Deep Waters
The traditional castle-and-moat security strategy that places the deepest water and highest walls around the data center’s perimeter does little to protect your data and applications inside.
Once an intruder breaches your perimeter, they are free to roam undetected and undeterred for long periods of time. They do this by a variety of means, including using PowerShell commands to move around without triggering IDS/IPS systems. In fact, the average dwell time for hackers before they are discovered is often measured in months, not days or hours. Some malware goes undetected for years. Even when your networks are segmented using firewalls, subnets, and VLANs, configuration errors and complex, inflexible routing schemes can create as many problems as they solve.
Given all of these issues, the key to greater security is focusing your efforts on protecting what thieves are after in the first place: data. This can be done by using encryption and by limiting and controlling access. Both approaches are enabled and enhanced by implementing Zero Trust cybersecurity architectures that, unlike perimeter-style defenses that only see the outside world as a threat, work by assuming all network traffic is suspect and cannot be trusted. This is where Unisys Stealth® comes in.
Unisys Stealth® Zero Trust Data Center Solution
Unisys Stealth® is software-defined security. It simplifies yet improves network security and serves as the backbone of your whole-network Zero Trust strategy. Stealth™ blankets every corner of your organization’s computing environment with one holistic, consistent, and unwavering security policy—from mobile phones and desktops, to servers, to cloud, and even IoT.