Virtustream Blog

Enhancing Security through Automation


in Security, Automation, Cloud, Trust, xStream Talk

Information security and automation are two of the hottest topics in the evolving IT industry. While automation is driven by the potential for increased efficiency and decreased resource utilization, many businesses experience a beneficial side effect upon implementation. Enhancement of their security posture. Several of the common security challenges businesses face can be addressed through automation, and being knowledgeable about how this strengthens the security of your data when working in a cloud environment is critical.

Automation - The Effects on Security

Virtustream is focused on automation – and this permeates throughout our architecture from hardware provisioning to application management. By streamlining formerly manual processes, our customers are easily able to achieve efficiencies previously unrealized.

At the core of Virtustream’s automation is software. Under the hood of our platform we use many software defined technologies (Software Defined Networking, Software Defined Storage, etc.) that work together to create a Software Defined Data Center (SDDC). When you consider an SDDC environment, Software Defining Security naturally comes to mind. The repeated, automated, and consistent deployment of virtualized systems (servers, network gear, storage, etc.) via automation engines not only reduces manual efforts, but also ensures that all systems are built to compliant standards. 

When addressing these compliance standards, automation can also help alleviate the security concerns associated with legacy infrastructure. For example, it can be used to fix legacy security holes in traditional infrastructures that resulted from the inconsistent systems configurations of days’ past. Additionally, if a risky configuration is found, possibly through an audit, Virtustream’s automation engine can be leveraged to change and remedy the configuration quickly on all affected systems. This philosophy is at the core of Virtustream’s security programs.

Deployments

Automated Deployment & Configuration Management tools (I.E. SALT, Puppet/Chef, Ansible) have become pervasive in deploying modern infrastructure, and Virtustream uses similar tools to securely provide services on our cloud. It’s no secret that security services are exponentially more valuable when the lag time and back and forth between order and deployment is minimized. That is why Virtustream is steadily advancing towards a “push button -> deploy service” model that will enable our customers to deploy specific managed services for enterprise mission-critical applications on-demand.

Another advantage for Automated Deployment & Configuration Management is the immediate feedback customers receive to confirm and validate that a deployment has occurred that is in line with their expectations and needs.

Central Management and Reporting

Central management and automation tools enable a DevOps environment to thrive in our cloud, enabling the Virtustream team to make our reporting faster and more robust. By implementing version control and a development pipeline, Virtustream is able to drastically decrease downtime and the impact from break/fix issues with roll back and automated restore capabilities. This development pipeline not only can prevent break/fix issues, but can also inhibit insecure configuration changes with security testing. The reporting of this security testing is also leveraged by our compliance team in their response to audits.

Aside from security testing and development pipeline enhancements, Virtustream’s Security Intelligence Operations Center (SIOC) has also leveraged automation in various aspects of their services, not only internally, but for customers as well. One key area of automation efforts is in incident handling (I.E. a Ransomware outbreak). Automating the initial triage when dealing with a massive flood of alerts has enabled timely and effective responses to verified events. By enhancing the automation capabilities of our threat intelligence gathering, Virtustream has increased the effectiveness of our security tooling and the richness of the contextual data we can rapidly provide about an incident.

Perhaps the most visible security automation currently available is the array of reports and dashboards security operations personnel can access. These reports and dashboards can cover a variety of use cases for your employees, such as:

  • An engineer getting an instant and accurate picture of the health and status of various deployed appliances
  • A managed services team member gathering statistics and spotting a potential issue before it grows to a larger issue with heavy impact
  • A SIOC team member spotting anomalies during Threat Hunting exercises, which leads to critical item of interest
Focusing on the Future

The push to automate IT infrastructure and services will continue to grow in the coming years, and enterprises exploring this trend should be considerate of the accompanying growth automation provides their security posture. Traditional security issues, such as systems patching, will be greatly reduced due to standard compliant implementations and central management, and Virtustream and our customers will be able to realize not only security, but also financial and efficiency benefits.