Is zero trust the way ahead for data center security?

We look at how data center security protocols are changing

The last two years have transformed the way businesses operate. Large-scale digital transformation has led to an exponential rise in the amount of data being generated. [box type=”info” align=”” class=”” width=””]A recent report by IDC has stated that by 2025, there will be about 175 Zettabytes of data generated[/box]

With such a proliferation of data, businesses also need to be mindful of the rise in cyberattacks. As digital transformation gains momentum, it inadvertently offers cybercriminals more entry points to launch attacks, placing the large volumes of data generated at risk. It thus becomes pertinent for hyperscalers as well as data centers to operate under a zero trust policy to ensure that data is protected at all times.

As hybrid work models become the new normal, data will continue to be spread across datacenters on-premises, in the cloud, and in hybrid environments. Furthering the resolve to operate as a zero-trust network, IT managers need to take on a data centric approach: What this essentially entails is keeping security controls as close to the data as possible. With the right software capabilities that provide a granular file-based event notification system, users can leverage this interface to enjoy greater visibility of data access within the network.

In order to ensure that data is secured, the three main areas of focus should be:

Data Visibility: Any security measures cannot be deployed without knowing what must be protected. Hence it is of utmost significance that there is complete visibility of users, devices, networks, applications, and processes. When planning a zero-trust protection strategy, this can help speed up the process of preventing and countering attacks. Apart from this, in case of a breach, visibility also helps in comprehending the extent of damage the breach has caused.

Data Segmentation: Segmentation integrates security directly into a virtualized workload without requiring a hardware-based firewall. Owing to this, security policies for data centers should be synchronized with a virtual network, virtual machine (VM), operating system (OS), and other virtual security targets. The process of segmenting networks thus helps in minimizing the scope of any denial-of-service (DoS) attacks, if not by 100%, but reduces the speed at which the hacker is trying to invade the system.

Data Protection: Zero-trust models highlight the fact that vulnerabilities may arise anytime and from anywhere. Hence, ensuring threat protection from situations where employees could directly contribute to data breaches, hackers gaining access to an employee’s system, and mobile applications providing a platform for hacking – becomes important; companies that work across cloud and data centers can deploy integrated security products to ensure that their data is secured, and that access to it is next to impossible.

In the near future, IDC estimates that data will represent 61% CAGR, out of which 90 ZB would be attributed to the Internet of Things. Given this exponential growth, the dependency on secure facilities to store and access data will simultaneously increase. Within this scenario, there is a strong need for companies to adhere to the zero-trust model for cloud and data center security further avoiding any potential reputational and financial damage caused by data breaches.

[author title=”” image=”http://”]Puneet Gupta, Managing Director & VP India/SAARC at NetApp India[/author]

[divider style=”solid” top=”20″ bottom=”20″]

Disclaimer: The views expressed in this article are those of the author and do not necessarily reflect the views of the Economic Times – ET Edge Insights, its management, or its members.