6. Utilising in-guest encryption to
secure the data itself
GARRY MCCRACKEN, VP
TECHNOLOGY AT WINMAGIC
In a world where IT environments are
becoming increasingly virtualised and
hyper-converged, the attack surface is
significantly expanding.
time to expand the definition of network
profiling to include the riskiest asset on
the network: the user.
Advances in data science, combined
with computing power and applied
to data already collected within most
organisations, can connect the dots
and provide a useful profile of network
user activity.
While data science – i.e. Machine
Learning – has become an overused
buzzword, in practice it can provide very
useful answers in certain applications.
For example, Machine Learning can
discover the connections between
seemingly unrelated bits of identities to
create a map of all of a user’s activities,
even when the identity components are
not explicitly linked.
Other techniques can create baselines
of normal behaviour for every user
on the network, making it easier to
understand whether each user is acting
normally or not. Still other techniques
can build better asset models, including
which machines are likely ‘executive
assets’ and at higher risk of attack.
Profiling individual users enables an
organisation to understand in great
depth and with deep context exactly who
is on the network; what they are doing;
whether they should be doing it and
what it means to an organisation’s risk
and security posture.
www.intelligentciso.com
|
Issue 10
This means securing the data itself has
become a top priority. Enterprises need
to take appropriate steps to ensure
that sensitive data never appears in the
public domain.
The attack surface
is significantly
expanding.
7. Recognising and fulfilling
skills gaps
LIAM BUTLER, AVP AT SUMTOTAL,
A SKILLSOFT COMPANY
The cloud has brought analytics back
into the hands of business users,
The solution is to ensure protection
resides within the data by utilising in-
guest encryption with keys that remain
under the control of the virtual machine
(VM) owner – the enterprise itself.
VM-level encryption not only protects
workloads wherever they may be within
the enterprise infrastructure and beyond.
It also delivers a significant number of
additional advantages, including making
it easy for IT departments to control all
aspects of data security.
It ensures that data can only be accessed
by authorised users, even in the event
that a cloud system is breached.
particularly in HR. In the ‘old days’,
business analytics tools were shrouded
in secrecy and owned by IT and MIS as
part of the on-premise ERP system.
Analytics are now part of our daily
life, being used to enable insightful
decision-making and to predict
business outcomes.
For example, the linking of workforce
management data with training data
allows manufacturers to predict workforce
capacity planning issues in advance of
a product launch, train employees prior
to manufacturing demand or move shift
patterns to meet demand. u
65