The world has been turned upside down amidst the COVID-19 pandemic, and organizations that are trying to maintain best IT and security practices are faced with new challenges such as sudden remote workforces, increased COVID-19-related phishing and business e-mail compromise scams, and quarantine-imposed travel restrictions.
Are you facing disruptions in your workforce, limitations in the supply chain and upended disaster plans? You’re not alone. A recent survey, Critical Gaps in Business Continuity Plans: Exclusive Survey Results, reported that 62% of businesses surveyed have business continuity plans, but 48% said their plans only cover emergency operations for two to three weeks.
With these limitations affecting enterprises, what are the top three things organizations must prioritize to keep security strong, minimize outages and stay as close to business as usual as possible?
Consider the Cloud
If you have been considering the cloud for your IT and information security infrastructure, now might be the right time to explore all your options and make strategic moves. Eighty-three percent of enterprise workloads will be in the cloud this year, according to a recent LogicMonitor cloud study, and security hardware and applications will be no exception to that trend. The cloud can increase your capacity and facilitate remote access to vital business functions, especially now when redundancy and scalability are more important than ever.
For example, the cloud could be a temporary solution for a retailer whose existing payment processing infrastructure is overloaded and declining transactions as a result. It doesn’t replace their existing on-premises environment, but it augments it by adding on-demand scalability. This could cover a temporary surge in demand or stand in during a full-blown outage. Do you know whether your existing applications have cloud-based extensibility?
Quite often, organizations aren’t aware of the cloud capabilities they can already utilize. During times of uncertainty, the cloud can be a good temporary approach and does not have to be a big expenditure. Organizations can pursue the cloud with a low commitment, month-to-month contract, and consider it more permanently at a later date.
When moving workloads to the cloud, security is paramount. Many public cloud providers such as AWS, Azure and Google Cloud Platform offer functions to help secure these workloads and applications, and one gaining a great deal of attention is encryption key management. All major public cloud providers offer methods for their users to self-manage the keys used to encrypt, decrypt, digitally sign, and validate data. This technology is known as Bring Your Own Key (BYOK) and is a high assurance method for letting organizations retain control of their own cryptographic keys even after moving to the cloud.
System failures are not an option in mission-critical environments, and redundancy provides the backup that increases the reliability of your systems. Given the current COVID-19 situation, do you have backup resources that can continue to process data without interruption? What if your data center is out of service altogether? Do you have another that can keep your infrastructure operational?
As an example, let’s look at cryptographic key management. Numerous business applications offload private key storage to purpose-built devices known as hardware security modules (HSM). HSMs are tamper-evident, tamper-responsive servers typically certified to rigorous requirements such as FIPS 140-2 Level 3. A typical information security infrastructure may only have throughput requirements to justify a single encryption HSM that is partitioned to provide services to multiple business applications. But if this single HSM fails or must be taken offline, any application relying on it for cryptographic key management may also become unavailable.
In this scenario, the ideal data security infrastructure would comprise multiple HSMs along with at least one centralized management server, split between multiple geographically separated data centers. This example can be extended out to virtually any other type of IT hardware, but it is particularly important for resources representing a single point of failure, where their outage would have cascading impacts throughout your enterprise ecosystem.
To mitigate these risks, talk to your vendors about data security and redundancy options; you might be surprised at their offerings. And consider more than just individual device outages, too. What if you can’t get into your data center? Taking a hybrid approach to infrastructure design, where you rely on a diverse set of tools to prepare you for a wide range of potential problems, will let you maintain the redundancy and high availability that your users and customers expect.
Monitor Your Data Centers
Now is the time to monitor your IT operations even more closely than usual to spot extremes and help with scalability and capacity planning. Can your infrastructure handle the increase of users and transactions? Are you accounting for handling higher volumes that come with an increasingly remote workforce? How would your organization handle a service disruption if you experienced an outage? Closely monitoring your IT and security resources to look for spikes and surges can guard against oversaturation and could help justify offloading workloads to cloud data centers.
Malicious actors often ramp up their activities in times of crisis, specifically because they know that companies’ focus is otherwise occupied. Automated monitoring can greatly assist in preventing these types of attacks, but only if proper baselines and profiles are established. For example, looking at an enterprise cryptographic ecosystem, if a bank knows its HSMs are validating 10,000 PINs per second on average, and suddenly that number spikes to 100,000 per second, they should immediately investigate. Intelligent monitoring and health-checking technology is designed for these exact types of scenarios, as well as to identify infrastructure health issues so administrators can respond proactively rather than reactively.
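The baseline check described above, sketched as an added example (not code from the original article or from any monitoring product): it flags per-second PIN-validation counts that spike far above, or drop far below, a rolling baseline. The function name, thresholds, window sizes and sample counts are assumptions chosen for illustration.

```python
from collections import deque
from statistics import median


def detect_anomalies(rates, window=30, warmup=10, spike_ratio=3.0, drop_ratio=0.3):
    """Return (index, rate, baseline, kind) for samples far from the baseline.

    rates: per-second PIN-validation counts reported by an HSM.
    The baseline is the median of the last `window` samples judged normal.
    Anomalous samples are kept out of it, so a sustained surge never
    quietly becomes the new normal.
    """
    normal = deque(maxlen=window)
    findings = []
    for i, rate in enumerate(rates):
        if len(normal) < warmup:
            # Still learning: the warm-up period must be known-good traffic.
            normal.append(rate)
            continue
        baseline = median(normal)
        if rate > baseline * spike_ratio:
            findings.append((i, rate, baseline, "spike"))  # possible abuse
        elif rate < baseline * drop_ratio:
            findings.append((i, rate, baseline, "drop"))   # possible outage
        else:
            normal.append(rate)
    return findings


# Constructed sample data: about 10,000 PINs/s, a surge to about 100,000/s,
# a return to normal, then two seconds with no validations at all.
SAMPLE = [10000 + d for d in (120, -80, 40, -150, 90, 10, -30, 200, -110, 60,
                              30, -70, 150, -20)]
SAMPLE += [98000, 101500, 99700]   # surge
SAMPLE += [10050, 9900, 10120]     # recovery
SAMPLE += [0, 0]                   # HSM stops answering
SAMPLE += [10010]

if __name__ == "__main__":
    for index, rate, baseline, kind in detect_anomalies(SAMPLE):
        print(f"t={index:>2}s {kind:<5} rate={rate:>6} baseline={baseline:.0f}")
```

The drop check covers the infrastructure-health side of the same monitoring: an HSM that suddenly validates nothing is as worth an alert as one validating ten times its usual volume.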
Your organization depends on reliable IT infrastructure and data security, and your IT operations continuity effort needs to be prioritized now more than ever. Here’s to keeping your employees, and your IT infrastructure, in good health.