Achieve Information Security with Converged Infrastructures
By Deena Dayalan K, Director- IT, Sears India
CIOs of today have several challenges in their hands, posed by an ever changing dynamic IT environment that has demands scaling exponentially. Siloed servers and standalone IT infrastructure in today’s enterprises are not able to meet these demands anymore.These challenges, listed below, demand integrated solutions with simplified user experience and higher effectiveness. Most technology vendors usually focus their concentration only on their respective “stacks”- computing, storage, and network and on helping customers integrate across those stacks. However, until recently, no one was bundling the components into simplified integrated solutions. The above stated challenges can be easily countered using cutting edge technology in the form of Converged Infrastructures (CI).CI is a disarmingly simple concept with sophisticated engineering under the hood. CI packages the basic components- computing/servers, data storage, networking equipment, virtualization and other software for infrastructure management- into integrated and optimized units. According to a recent study by analyst firm IDC on the subject, Converged Infrastructure arrives on-site already configured, tested, and certified, and this is done ahead of time and behind the scenes. This makes it easier to install, deploy, scale up, update, and manage infrastructure, as well as optimize its performance, minimize its cost, and maximize its business value. With CI, IT organizations are now able to rescue skilled resources from “keeping the lights on” and maintain focus on realizing new technology-enabled business opportunities.
While Converged Infrastructures are primarily hardware driven, there is another concept of Hyper converged Infrastructures that is software driven and currently in a stage of infancy. Hyper converged infrastructures will also be demanding data center consolidation in a software-centric design that would be responsible for high speeds and agility in deployment of virtual infrastructure solutions. Data protection capability in hyper converged infrastructure, however, remains a gray area, making adoption a difficult proposition. Converged Infrastructure is catching on very fast. IDC expects adoption to reach 44 percent of corporate IT organizations in the next two years. Another firm, Markets and Markets has predicted that the global CI market would grow to $40 billion in 2019. As of 2014, it stands at approximately $11.5 billion. Key insights for CI implementation Considering the predicted adoption rate for Converged Infrastructures, I recommend the following key insights from the aspect of information security for those who plan to implement converged infrastructure in their enterprises:
• Information security should be of utmost concern while implementing CIs. All pieces of CI must be managed together, from patch management to access management.
• Converged infrastructure products may bring with them their own suite of security tools (with policies), which should be considered while planning. However, when an organization purchases converged infrastructure from a vendor, it should not solely depend on the vendor to provide complete security controls.
• Aligning the products’ security setup with their own security policies and guidelines in order to manage security across platforms seamlessly becomes extremely essential.
• While reviewing products, one must determine how the new infrastructure will fit with existing security tools and controls and what new tools will be required going forward.
• As with any hardware, security is no longer limited to OS, software, etc. New threat vectors include threats against firmware. Therefore, it is necessary to understand how the converged infrastructure is going to be protected against these new threats.
While CI offers a plethora of benefits, enterprises have to approach the concept in a holistic manner, ensuring that the security of information is not compromised.