Monday, 7 January 2019

The Security – Automation Tango: Simple Approaches to a Robust IT Infrastructure Security

You need two to Tango. Apparently, so does a secure IT infrastructure.


A thriving enterprise needs a modern datacenter to successfully meet its business objectives. A key pre-requisite for a modern datacenter is a robust infrastructure security. And, for a robust security to be effective, it needs to be intelligently automated.

The infrastructure security dilemma

At its core, every enterprise is a data business, and data is vulnerable to malicious actors. An average data breach costs organizations between $3M and $5M [1]. The impact of these breaches is not just financial but also a loss of trust, both internally and externally.

Enterprises do not lack security tools. Multiple surveys have consistently shown that enterprises run an average of 75 security tools. However, these tools struggle to work with each other or across the datacenter, and the situation only gets worse: there is a looming shortage of security professionals, with an estimated shortfall of 3.5M skilled professionals by 2021 [3].

Enterprises are at a dire crossroads. Critical IT infrastructure faces security risk, the current tools are inadequate, and there are not enough security professionals in the industry.

How are enterprises to conduct business in a safe, frictionless manner while protecting their business and customers?

Two to Tango

Successful enterprises have adopted two guiding principles to address this dilemma:

1. Integrate security deep into the infrastructure

To effectively integrate security into the infrastructure, one should start with the infrastructure components, and one of the key building blocks is the server. The National Institute of Standards and Technology (NIST) recommends that system designers adopt the Cyber Security Framework [4]. This way security can be built into each and every subsystem, enabling systems to identify, protect against, detect, respond to and recover from malicious activities when they occur.

2. Automate as much of this robust security as possible

Intelligent automation increases the efficiency and consistency of actions. Combining intelligent automation with the Cyber Security Framework makes for a robust IT infrastructure.

Dell EMC has adopted these two guiding principles for all of its PowerEdge server designs. Based on the Cyber Security Framework, Dell EMC has developed a Cyber Resilient Architecture to protect servers against cybersecurity attacks. Every PowerEdge server is made safer with a Cyber Resilient Architecture and supported by impressive security and automation features. Let's examine a few of these innovative features.

Securely protect from malicious activity

Every server undergoes routine BIOS and firmware updates. However, these routine maintenance activities present a vulnerability that malicious actors could take advantage of. To mitigate this, every PowerEdge server is designed with an immutable silicon-based Root-of-Trust mechanism that cryptographically verifies the authenticity of every firmware and BIOS update. A verification failure results in rejection of the update request and notification of the user.

A similar automatic verification is conducted when the server boots. Key routine tasks are quietly but effectively verified. Several further automated security features, including Chassis Intrusion Alert, Signed Firmware Updates and Supply Chain Assurance, are deliberately designed to protect the server infrastructure.

Diligently detect malicious activity

It is critical to determine if and when your servers are compromised. This requires visibility into the configuration and health status of the server subsystems. Any changes to the BIOS, firmware and Option ROMs within the boot process should be detected immediately. To help automate this, PowerEdge servers employ iDRAC.

The iDRAC is dedicated management hardware that comprehensively monitors the server and takes remedial action depending on the event. For example, one of the more interesting automated security checks the iDRAC provides is Drift Detection. System Administrators define a server configuration baseline based on their security and performance needs; iDRAC detects deviation from that baseline and helps repair the drift with simple workflows that stage the corrective changes.

System Administrators can proactively take action to keep their server infrastructure secure with multiple alerts and logs from iDRAC.
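The drift-detection workflow described above, as an added example that is not part of the original post and not iDRAC's own API: a baseline of BIOS settings is compared against a current snapshot, deviations are reported with security-relevant ones first, and the repair is staged rather than applied. Attribute names and values are constructed for illustration.

```python
"""Configuration drift detection: compare a server's current BIOS settings
against an approved baseline, report deviations, and stage (not apply)
the changes that would repair them. Constructed example; the attribute
names below are illustrative and do not represent an iDRAC API."""
from dataclasses import dataclass

# Approved baseline (constructed). Each entry holds the expected value and
# whether a deviation is security-relevant (alert) or merely operational.
BASELINE = {
    "SecureBoot":         ("Enabled",    True),
    "TpmSecurity":        ("On",         True),
    "UefiVariableAccess": ("Controlled", True),
    "BootMode":           ("Uefi",       True),
    "SysProfile":         ("PerfPerWattOptimizedDapc", False),
    "LogicalProc":        ("Enabled",    False),
}

@dataclass
class Drift:
    attribute: str
    expected: str
    actual: object   # None when the attribute is missing from the snapshot
    security: bool

def detect_drift(snapshot: dict, baseline: dict = BASELINE) -> list:
    """Return one Drift per baseline attribute whose current value differs.
    A missing attribute counts as drift (actual=None): a setting that cannot
    be read cannot be shown to be compliant."""
    drifts = []
    for attr, (expected, security) in baseline.items():
        actual = snapshot.get(attr)
        if actual != expected:
            drifts.append(Drift(attr, expected, actual, security))
    # Security-relevant deviations first so they are seen and staged first.
    return sorted(drifts, key=lambda d: (not d.security, d.attribute))

def stage_repair(drifts: list) -> dict:
    """Build the staged change set {attribute: value_to_set}; applying it
    (typically at the next reboot) is left to the operator's workflow."""
    return {d.attribute: d.expected for d in drifts}

def security_alerts(drifts: list) -> list:
    """Subset of drifts that should raise an alert rather than an info log."""
    return [d for d in drifts if d.security]

if __name__ == "__main__":
    # Constructed snapshot of a server that has drifted in two places.
    current = {"SecureBoot": "Disabled", "TpmSecurity": "On",
               "UefiVariableAccess": "Controlled", "BootMode": "Uefi",
               "SysProfile": "PerfOptimized", "LogicalProc": "Enabled"}
    found = detect_drift(current)
    for d in found:
        print(f"[{'ALERT' if d.security else 'info'}] {d.attribute}: "
              f"expected {d.expected!r}, found {d.actual!r}")
    print("staged:", stage_repair(found))
```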

Rapidly recover from malicious activity

In the event of a security breach, it is critical for enterprises to limit the damage and rapidly return to normalcy. PowerEdge servers have several features to support swift restoration to a known good state. The BIOS and OS recovery feature uses a special, protected area that stores the pristine images, which helps servers rapidly recover from corrupted OS or BIOS images. Additionally, the iDRAC stores a backup BIOS image that enables both automated and on-demand Cyber Resilient BIOS recovery. System administrators can easily restore servers to their original state immediately following an adverse event.

If a server needs to be retired or replaced, PowerEdge servers provide System Erase to remove sensitive data and settings in a safe, secure and environmentally friendly manner.

A brief overview of PowerEdge Security and Automation

As the above examples highlight, robust security needs to be intelligently automated. And intelligent automation needs to have integrated security.

IT takes two to Tango.

PowerEdge servers come with a wide variety of such robust security and automated features including HW + interfaces (like TPM, SED drives) that the OS then uses to build an OS-level security infrastructure. IT Leaders have been referring to this popular guide to server security to calibrate their systems to best practices of keeping their critical infrastructure safe and secure. Does your critical infrastructure meet these considerations?
