How Greater Visibility Makes Better Cloud Security Possible
Everyone knows that security can be a challenge in today's complex IT environments. According to recent survey results, 60% of cybersecurity professionals think getting security visibility is more difficult in a cloud-based environment as compared to a physical network. The same survey also showed 50% agree that it's difficult to audit network security when working with cloud computing infrastructure. At Riverbed, we hear these same concerns from customers, that is until they see what Riverbed can do to augment their security capabilities with end-to-end visibility.
It's true that a cloud-based environment can complicate security precautions but only if an enterprise fails to use a robust system for unified visibility. Traditional approaches to gathering security data try to combine reports generated by vulnerability and patch management systems with data gathered by interviewing applications teams. This approach falls short because asset inventories are almost never complete and, at best, are only as current as the last scan. With Riverbed, an enterprise can develop and maintain an ongoing, real-time, accurate view of the network including a complete inventory of network assets, map of network dependencies and actual usage-thereby eliminating much of the confusion cloud-based and hybrid network security has become known for.
Then there's the question of auditing. How can an enterprise make sure everything is auditable in a cloud-based environment?
Here's where it really gets good. Riverbed enables organizations to drive workflows into daily operation that can:
- Automatically map their networks
- Manage change, track compliance to PCI, NIST or other policies
- Plan for End of Support/Life for infrastructure
- Conduct robust survivability analysis
- Conduct threat modeling for common attacks such as DDoS, DNS Amplification, HTTP amplification, and more
With our platform, management and operators can pull reports on situational awareness across the enterprise. This robust capability enables collaboration and teamwork for operators and auditors. Documentation for auditing is especially important to companies that require industry or regulatory compliance such as PCI, NIST, FIPS 200, SB-1386, GLBA, and HIPAA.All this comes as a revelation to many of our customers and that's before they get to hear the best part: with Riverbed, IT professionals can use the same instrumentation and data collection methods used for security visibility and leverage those methods for application performance management at no additional cost. Now that's good news.