To reduce complexity, a high proportion of organisations are looking at modernising their data centre infrastructure through consolidation, virtualisation and by leveraging the cloud. In traditional data centres, security controls can be applied to each physical system and systems with different levels of criticality or those that contain the most sensitive data can be physically separated. This is no longer the case for next-generation data centres where virtual resources cannot be compartmentalised in the same way and security controls can no longer be tied to physical resources.
While the chief goals of data centre modernisation projects are to enable the business by being able to accommodate rapidly changing business needs, while reducing operational complexity and cost, risk and compliance obligations must also be prioritised.
The modern data centre requires an integrated set of security controls that are applied consistently across physical and virtual systems, as well as those residing in the cloud, with federated management and reporting across hybrid environments that may include extensions to private and public clouds. The only way that this can be achieved is by building security into the design phase during key inflection points as data centres are built out, virtualised or upgraded and must be applied consistently across all systems in a hybrid environment that spans physical and virtual systems, as well as cloud-based computing. This will enable the business by improving its ability to offer dynamic services that are always available, and that are resilient and secure, which will improve the capability to manage risk, apply and enforce consistent security policies, and to achieve compliance objectives.
A recent paper discusses these issues in greater detail and provides details of the key issues and security controls that organisations should be looking at. The paper can be accessed here: Architecting the security of the next-generation data centre.