
5 Ways Multi-Cloud Discovery Can Enhance IT Security

Raphael Chauvel

While several huge security breaches have been in the news this year, the threat level continues to grow, with cybercrime getting more organized and derailing the power of new technology.

If your organization is still struggling with ways to improve security, here are 5 ways to more efficiently bridge the gap between IT security teams and operations teams by leveraging the insight provided by data center discovery and dependency mapping.

#1 Build a common configuration repository

Establishing a configuration management process across the enterprise allows you to break silos when decisions are made that involve enterprise architecture, systems management, and IT security. Using a common repository for configuration data enables you to reduce the effort required to gather and maintain quality data from multiple sources, agree on data formats, and speak common languages.

Leveraging a comprehensive heterogeneous cloud discovery and dependency mapping solution also helps reduce implementation complexity. This drives requirements for such solutions to address hybrid and multi-cloud deployments, be scalable, be secured through industry certifications (e.g. FIPS 140-2, Common Criteria), and be able to integrate with security tools (e.g. PAM such as CyberArk, portals such as BMC Threat Director, SIEM, etc.).

I have seen many implementations come to faster success via a close partnership between the configuration management team and the IT security group who provide access authorizations. This is made possible by prioritizing the benefits of relying on trusted and up-to-date data over the risks of giving such access rights.

#2 Leverage automated inventory scans for compliance

Internal or regulatory compliance (e.g. PCI, SOX, HIPAA) requires regular assessment of the asset inventory and of each asset's business function.

However, a mature organization should consider inventory audits as non-events, and rather target continuous checks and improvements. It is much more cost-effective to implement automated discovery that guarantees always-available, high-quality reports.

Also, at the pace of change required by digital transformation, inventory data is difficult to gather and maintain. A benefit of a multi-cloud approach is avoiding vendor lock-in, so you can expect even more change going forward. There are many benefits to establishing good discovery practices, including identifying integrations with virtualization or cloud APIs as well as identifying unknown use of applications and servers, commonly referred to as Shadow IT. Now might be a good time to review how you keep track of your compute, software, network and storage inventory and seek optimizations.

#3 Consistently identify misconfigurations

Many security breaches are a direct result of misconfigurations. Another benefit of multi-cloud discovery is achieved through leveraging its data to participate in the vulnerability management process.

Through the richness of both the raw data that is gathered and the additional intelligence used to interpret this data, derive relationships, etc., it is possible to proactively identify misconfigurations:

  • This can be basic technical data such as ports that should not be open, unsupported hardware, unauthorized or vulnerable software or operating systems
  • It can also be components that are not attached to a business function or that do not have the baseline security tools installed
  • And dependency mapping can participate in more complex assessments such as disaster recovery or when merging infrastructure post-acquisition

Having a well-established process relying on trusted data to address configuration issues can lead you to quick wins in protecting your organization.

#4 Pragmatically prioritize remediation

Because eradicating all vulnerabilities is impossible, organizations need to prioritize vulnerabilities to isolate those that have the greatest impact, and deploy resources in the most effective manner possible.

Vulnerability knowledge bases and scanning tools allow you to sort security issues by criticality, but a second angle to prioritization is to look at application maps and impact models to determine the exposure to the business.

Data center discovery and dependency mapping augments the vulnerability management process by:

  • Providing insight into how applications are deployed and protected (e.g. it might not matter as much that a web server is vulnerable to certain attacks if it is protected by a firewall)
  • Providing the business context to infrastructure components (e.g. adjust the priorities based on the business impact that would result from loss of data or disruption)
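
The checks listed under #3 and the two prioritization angles under #4 can be run directly over discovery output. The sketch below is an added example, not BMC's code or any product's API: the policy sets, record fields, scoring formula and inventory records are all constructed assumptions.

```python
# Added example: policy values and inventory records are constructed, not from any product.
ALLOWED_PORTS = {22, 443}                              # assumed port policy
UNSUPPORTED_OS = {"Windows Server 2008", "CentOS 6"}   # assumed end-of-support list
BASELINE_AGENTS = {"edr", "log-forwarder"}             # assumed baseline security tools

INVENTORY = [  # constructed discovery records from several providers
    {"name": "web-01", "provider": "aws", "os": "Ubuntu 22.04", "open_ports": {22, 443, 3306},
     "agents": {"edr", "log-forwarder"}, "service": "online-store", "impact": 5, "firewalled": False},
    {"name": "batch-07", "provider": "azure", "os": "CentOS 6", "open_ports": {22},
     "agents": {"edr"}, "service": "reporting", "impact": 2, "firewalled": True},
    {"name": "vm-unknown", "provider": "gcp", "os": "Ubuntu 22.04", "open_ports": {22, 8080},
     "agents": set(), "service": None, "impact": None, "firewalled": False},
    {"name": "db-02", "provider": "on-prem", "os": "Ubuntu 22.04", "open_ports": {22},
     "agents": {"edr", "log-forwarder"}, "service": "online-store", "impact": 5, "firewalled": True},
]

def find_misconfigurations(asset):
    """Return the checks from section #3 that this asset fails."""
    findings = []
    for port in sorted(asset["open_ports"] - ALLOWED_PORTS):
        findings.append(f"unexpected open port {port}")
    if asset["os"] in UNSUPPORTED_OS:
        findings.append(f"unsupported OS {asset['os']}")
    for agent in sorted(BASELINE_AGENTS - asset["agents"]):
        findings.append(f"missing baseline tool {agent}")
    if asset["service"] is None:
        findings.append("not attached to a business function")
    return findings

def prioritize(inventory, default_impact=3):
    """Rank assets by finding count x business impact x exposure (section #4)."""
    ranked = []
    for asset in inventory:
        findings = find_misconfigurations(asset)
        if not findings:
            continue
        impact = asset["impact"] or default_impact    # assumption: unmapped assets score mid-range
        exposure = 0.5 if asset["firewalled"] else 1.0  # assumption: a firewall halves exposure
        ranked.append((len(findings) * impact * exposure, asset["name"], findings))
    return sorted(ranked, key=lambda r: (-r[0], r[1]))

if __name__ == "__main__":
    for score, name, findings in prioritize(INVENTORY):
        print(f"{score:5.1f}  {name}: {'; '.join(findings)}")
```

With these sample records the unmapped `vm-unknown` host ranks first, because an asset with no business owner and no baseline tooling fails the most checks while being fully exposed.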

#5 Strengthen change management

A challenge that is commonly faced is the friction between security teams that make system configuration recommendations (e.g. patches to deploy) and operations teams who are focused on reliability and availability.

This friction frequently results in lengthy decision cycles with an unacceptable window of exposure, and potential re-work or unplanned downtime.

Multi-cloud discovery and dependency mapping delivers an accurate and comprehensive understanding of change impacts to ensure that security implementation and remediation plans are appropriate and will result in a smooth transition. It also allows you to properly track changes over time.

This results in faster decisions, safer rollouts, and improved collaboration.

Now is a good time to review your change management process and ensure it relies on robust data. The benefits will extend beyond IT security.

This post updated 10/17/2017

These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.


About the author

Raphael Chauvel

Raphaël Chauvel is a Director of Product Management at BMC Software and has 20 years of experience in developing and marketing products in the areas of Data Center Discovery, IT Service Management, and Client Management. Raphaël is currently leading product management for BMC Atrium CMDB, BMC Helix Discovery, and BMC Helix Client Management. His team focuses on managing product strategy, ensuring product lifecycle aligns with customer and business needs, and that BMC and partners are enabled to these products. He joined BMC in February 2012 with the acquisition of Numara Software and currently resides in France.