This is the second article in a series of three. The first focused on the importance of making businesses more future-ready and how to work through common obstacles on the path to digitization. We also discussed how modernizing on-premises infrastructure as part of a hybrid cloud approach can best be managed via hyperconverged infrastructure (HCI), enabling modernization that blends the best of the old and new.
In this article, we’ll examine challenges enterprises should consider to develop and maintain a holistic security strategy in a hybrid environment.
Security begins before an attack
Without exception, cybersecurity issues remain a high priority and represent a real threat to organizations. Recent mega-breaches of customer data from household-name companies only serve to underscore the importance of security. Hacked and breached data from workplace sources like mobile and Internet of things (IoT) devices, coupled with a newly disaggregated and remote workforce as a result of covid-19, have changed the threat landscape. In fact, new demands for security, specifically identity and access management to protect remote workers and critical corporate data, drove significant growth in HCI in the last year.
The vast majority of businesses maintain far too much unprotected data. Security breaches have the power to disrupt all business, grinding even the most robust organizations to a halt. The growing adoption of cloud-based models brings a new level of concern for many organizations, particularly among those just beginning their cloud migration.
All of this leads to one conclusion: the need for a comprehensive security strategy for any business considering hybrid cloud adoption.
A multi-layered security strategy
Changing business environments, additional data usage, and evolving threat landscapes require enterprises to adopt a new way of looking at security to support stability, innovation, and growth. Enterprises need a built-in, unified approach, coupled with intelligent threat protection for workloads running across cloud-to-edge environments. Intel and Microsoft are working together to create a chain of trust across software and hardware technology to help protect an organization’s data and applications, no matter where they reside within the hybrid environment.
This multi-layered security strategy integrates Azure Stack HCI software with Intel hardware, where Secured-core servers provide modern security by relying on hardware root-of-trust as a critical building block. A Secured-core program provides additional capabilities that represent the device standard you need to look for when choosing HCI hardware, including firmware sandbox and virtualization-based security (VBS).
Comprehensive security requires multiple angles, including simplification of processes, advanced protection capability, and a preventive defense posture. VBS enables you to isolate critical parts of your system, even protecting you from privileged malware. With Secured-core servers from Microsoft, all of these abilities are enabled, allowing IT and security operations teams to devote their attention to where it is most needed.
As the security software layers improve, attackers and those with malicious intent are increasingly moving down the stack, seeking new vulnerabilities to exploit. Microsoft continues to invest in exploit mitigation technologies that can better leverage the security benefits available from advanced hardware. With this in mind, Intel believes that security must begin at the lowest layer possible: within the silicon. Intel is helping to establish a chain of trust to protect data across all phases of its lifecycle, whether data is at rest, in flight, or in use. This is based on technology innovation in 3rd Generation Intel Xeon Scalable processors with a wide range of capabilities, from creating a hardware-based trusted execution environment to encrypting memory and separately protecting virtual machines and data in-use, to crypto acceleration that delivers breakthrough performance enabling pervasive encryption in the cloud or at the edge.
Security professionals need the ability to identify and directly address threats as they arise in everyday operations across the organization. Here, Azure Defender delivers the broadest resource coverage of any extended detection and response technology (XDR) on the market today, spanning users, devices, applications, virtual machines, SQL databases, IoT, and more—all from a single vendor.
Azure Defender protects Azure and hybrid environments and ensures your cloud infrastructure resources are protected from common threats, such as brute-forcing virtual machines, or attacking storage or SQL injection, or even mitigating threats against containers, the key management service for IoT devices. Azure Defender delivers protection for all these resources from directly within the Azure experience and extends protection to on-premises and multi-cloud virtual machines and SQL databases using Azure Arc.
Tools to support your mission
Forward-thinking leaders agree that implementing a unified infrastructure across software and hardware can quickly strengthen the security posture of an organization. However, to realize the full benefit of a secure approach to hybrid cloud, enterprises will need tools to assess the security status of networks, protect workloads, raise security alerts, and make recommendations to remediate attacks and address future threats—at high speed, in the cloud, with no deployment overhead.
Azure Security Center offers a unified infrastructure security management system that strengthens the security posture of your datacenters and provides advanced threat protection across your environments. Organizations can also make use of Azure cloud services for backup and security, without having to deploy additional on-premises infrastructure.
Providing enterprises with a foundation for the future
Cloud-delivered, cloud-managed infrastructure consolidation enables organizations to modernize and future-proof investments by adopting a true hybrid cloud infrastructure with total security in mind. If your organization is ready to adopt a comprehensive security strategy for a hybrid environment, learn more about Azure Stack HCI today.
Check out the latest Intel-based Azure Stack HCI systems and new features on Azure.com/HCI. While there, download the software, which Microsoft has made available for a 60-day free trial.
Bio: Talal Alqinawi is a senior director of product marketing for Azure marketing at Microsoft, where his passion for how cloud and AI drive digital transformation informs the company’s cloud marketing and product strategy.