Just as hybrid cloud is often the best solution to cloud deployment challenges, hybrid security — mixing managed services with on-premises IT security — is often the best way to secure your business. Here are four useful strategies to adopt while doing that.
Dog picture from Shutterstock
Hybrid security was a major theme at a recent IT security lunch hosted by Check Point which I attended. Below, I've gathered together some of the observations from the three main speakers:
- Kurt Hansen, ANZ managing director for Check Point;
- Alastair MacGibbon, general manager security for Dimension Data Australia'
- Johan Sulaiman, head of IT Asia Pacific for global strategy consulting firm L.E.K Consulting.
Use hybrid to deal with skills shortages
Demand for IT security experts continues to outstrip supply, so a hybrid approach may well be driven by necessity.
"Is the skills pool large enough? We are seeing a shift in the way business deals with IT security," MacGibbon said. "We need to be smarter in how we deliver it."
"That doesn't mean you outsource all of your security functions. You have a couple of really smart people and you buy in the rest of those services."
Plan to deal with breaches, not just to stop them
Your security policy (hybrid or otherwise) can't just deal with how you keep intruders out; it also needs to recognise what you'll do when there is a problem. "There's always going to be a way to find a vulnerability," Hansen said.
"We'll be breached one day," Sulaiman agreed. "How we respond to that breach is part of the strategy."
Freely share your security strategy with others
"How we secure data is part of the client agreement now," Sulamain said. "Five years ago, that wasn't the case so much."
Taking that approach also means you can outsource some functions with confidence. "Our customer data is important, but we use Salesforce.com and we trust them with that data," Hansen said.
Learn from others, but plan for yourself
While you can draw on the experience of others, you can't replicate it exactly. "It's really hard to generalise the kind of plan you have to have," Sulaiman said. "Look at your size and look at your sector".