Complexity is the enemy of security

A single security plane is the only way to reduce complexity and eliminate the seams.

Data Security

I’ve been managing cybersecurity product development for about two decades, including running the firewall business at a large networking company for several years. During this time, I’ve met a number of very interesting technical professionals from the NSA and the CIA. Recently, I had drinks with someone who was responsible for managing the offensive cyber capability for the NSA.

Having a beer with a highly competent technical leader who leads teams that are explicitly working to defeat the systems that my team spent years and hundreds of millions of dollars to develop was a bit surreal. It reminded me of the Looney Tunes cartoon where the sheepdog and the wolf come to work, punch a clock, spend the day fighting until the whistle blows, then go home slapping each other on the back.

After a few frosty mugs of truth serum, what did I learn? You’ll be happy to know I didn’t learn even a hint of anything classified. So those secrets are well guarded. But he said something I thought was useful.

“We attack the seams.”

What he meant is that a properly managed, patched, and configured server is very difficult to attack. What these professional hackers are looking for are the seams -- the places where people and processes are not perfect and something is left exposed. The more complex your data center infrastructure, the more likely it is to have seams with exposed vulnerabilities.

Complexity is the enemy of security. That’s why most IT shops develop a single security standard, and then try to replicate it over and over. This security standard typically has multiple layers, often from different best-of-breed vendors, to create a robust perimeter. But this approach is then templated and intended to be deployed over and over, reducing the incidence of “seams.”

The hybrid cloud breaks this model. Security services need to be tightly integrated into a hypervisor, and the hypervisors of the public cloud providers all have proprietary, unique security capabilities.

It’s not that one set of services is better than another -- it’s that they are different. A large enterprise might well have a private cloud, with some workloads deployed on AWS, some on Microsoft Azure, and some on Google. This strategy is the equivalent of having a data center that uses Cisco firewalls on the East Coast, Juniper firewalls on the West Coast, and Palo Alto firewalls in the DR sites. A heterogeneous deployment is not impossible to manage, but it is almost never done because it adds complexity --the enemy of security. Complexity introduces too many opportunities for error, and too many seams to be attacked.

I think this security strategy is a major problem for hybrid clouds, but one that most enterprise IT shops are just starting to realize, given the relatively early stage of true hybrid cloud deployments. Tools are being developed to attempt to mitigate this problem. Cloud management platforms (CMPs) attempt to smooth over the differences between each cloud.

But the challenge here is that a CMP is only in the control place. It cannot insert a service such as encryption if that service does not already exist in the underlying cloud. So a CMP drops to the lowest common denominator of hybrid cloud capability. In addition, a CMP is relevant only at deployment time. It cannot ensure the integrity of running workloads, nor react to security incidents.

Creating a single, unified security plane that can span multiple hybrid clouds is one of the more interesting research areas in cloud security, and I believe it will be increasingly relevant in the next few years. A single security plane is the only way to reduce complexity and eliminate the seams.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2016 IDG Communications, Inc.