Data traverse across the data center segments based on applications and IT services architecture. Today’s data center designs still follow the legacy model of Web Zones, Application Zones & Database Zones, some of which are published services on the internet for end consumers. Main areas which needs to be secured are:
- Data Center Perimeter
- Data Center East-To-West Network Flow
- Web Services Zones
- Application Services Zone
- Database Services Zone
- Data At Rest (Storage systems)
When enterprise data traverse across the network, data will land into multiple layers. With endpoints, mobiles and data center network and cloud existing for each layer, cyber security controls are required to reduce the risk of data breaches. These controls can be the following:
Endpoint Detection & Response: EDR is the evolution of anti-virus failure over the past few years as the legacy AV is unable to detect or prevent today’s sophisticated adversaries (file-less attacks). Those type of adversaries are stealth and can evade traditional AV systems, resulting in compromising endpoints within minutes.
Network Threat Hunting: NTH is the evolution of SIEM technologies failure in detecting network cyber threats, replacing the static logic base detection engine with machine learning threat detectors. Moving towards machine-learning based threat hunting systems provide more accurate results to the security analysts.
Incident Response Automation: IRO is the evolution of human failure in analyzing billions of data collected by traditional security analysis platforms. This allows enterprises to automate incident investigations or analysis, using defined playbook written by the industry’s best minds. This leads into more productivity and provide true ROI on Cyber Security programs.
Ingram Micro partners approach clients with a deep understanding of cyber risk exposure and articulate its impact to the overall client’s business operation, then map the risk mitigation controls to either a business process or a Cyber Security ‘Technology Control’.
Ingram Micro educates partners to approach cyber security from business risk perspective, which immediately translates to a wider engagement from all business units within the customer enterprise. Ingram Micro also empowers partners to offer value-added services to their clients such as Cyber Security Maturity Assessments, Breach Readiness Assessments and Incident Response and Incident Containment.
These types of elite services build the right level of trust between partners and clients, which is an essential element that many seem to miss.
Article Written by Aliaa Atiya – Business Unit Manager, Ingram Micro Gulf