Data centers must be both technologically and physically secure since they store sensitive or private information such as customer data or intellectual property. Rajpreet Kaur, Analyst, Gartner gives insights on Data Center Security.
Data Center security is undergoing a lot of technological advancements. What is the biggest technology advancement which bought a difference into the market?
There are many technologies that have acted as catalysts to advance this market. Data centers are now adopting SDN. Additionally, innovations such as Containers, Kubernetes environment requires evolved security practices and technologies instead of relying on traditional security controls.
DevOps and the adoption of the cloud have been the biggest technology adoption that has evolved data centers. As a result security technologies in the data center must offer support to these hybrid data center environments and offer integration and automation with CI/DC cycle. Containerized security controls such as Firewalls, WAAP and Identity based segmentation technologies from a network security perspective will help the datacenters to build their hosted security services at scale and provide application-based micro-segmentation across hybrid environments.
Machine learning and Artificial intelligence-based security tools and security operations based capabilities have also added to this advancement journey.
Briefly explain your take on the drivers of the market.
The data center market in the Middle East is facing a strong challenge from Tier 1 Cloud providers, who are evolving their native security offerings to offer resilience and highly scalable infrastructure.
Hence, with the growing scale of cyber-attacks and as attacks are becoming more targeted and sophisticated, data center players will have to secure their environment against them by continuously evolving their security architecture.
Is there a change in the Middle East market as compared to the global market in terms of Data Center security?
The maturity of the Middle East Market is not uniform and can be categorized as a Mature and emerging market. The mature market (UAE) is where there is good availability of most of the international security vendors, and then emerging markets such as KSA and Bahrain, who are still making advancements gradually in their security architecture.
What are the challenges associated with the Data Center Security market? How to tackle these?
There are two main challenges that CIOs are concerned about in 2021 when it comes to data centers. They are as follows:
- Managing the scale of attacks such as the volume of DDoS attacks is growing.
- Better east-west traffic inspection and prevention.
The data centers will have to build effective high availability infrastructure and adopt machine learning-based security tools. Post-2020, the security threats have increased significantly as the reliance on remote working, e-commerce and other digital platforms has increased. CIOs will have to begin with building automation around their security architecture. The threat landscape is changing very rapidly and this is the way forward to deal with it.
What are the key factors of DC security?
To understand DC security we have to understand how data centers have evolved over time. Cloud and/or cloud-inspired technologies are now heavily used inside enterprise data centers, including virtualization and automation. Specifically, as many enterprises are building private clouds and/or cloud-inspired data centers, they need improved programmability, automation, orchestration and integration with the rest of the data center infrastructure. Edge and IoT deployments are stretching infrastructures, shifting priorities and adding complexity. This evolution of data center has made data center security an ongoing task instead of on-time implementation. The key factors of DC security can be defined as:
- Data security: Secure the data where it is sitting.
- Secure Connectivity: Provide secure access and connectivity to the data.
- East-West traffic: Highly microsegment and improve east-west traffic inspection capabilities.
- Automate and continuous visibility: Try to simply by improving visibility, centralizing controls
- and automating. This will also help in achieving continuous compliance and audit capabilities.
- Zero trust architecture: Design your security using the concept of Zero trust framework