The New Security Model for IT: Detect and Respond

Hear from Patrick Quirk, Vice President and General Manager of the Management Systems Group at Vertiv, on how the detect-and-respond security model works, and why a distributed platform provides the most holistic view into the health and status of all IT equipment. 

One of the most important considerations for any organization’s IT systems is the protection and security of data and infrastructure. For decades, the model has been like an old fortress: Build a giant wall and moat, and try to keep everything out. The traditional networking firewall followed this approach — catch all the threats before breach, even if it requires using multiple firewalls in combination.

But breaches happen, and firewalls cannot detect threats from within the network. The explosion of connected devices, edge locations and network traffic brought with it new ways to breach the fortress. No longer can one firewall withstand the advanced nature of the modern-day hacker. Plus, the sheer volume of touchpoints and their location at the edge of the network creates even more opportunities for attacks. To keep up, companies must change their tactics and move from the firewalled fortress to enabling real-time detect-and-respond security practices when breaches occur. Make every effort to prevent the attack, but accept and understand that some threats may get through. Organizations should arm themselves with the best tools to quickly identify when and where issues occur, isolate them, and resolve them as quickly as possible.

The detect-and-respond security model requires organizations to build capabilities from the lowest levels and deploy solutions that can distribute the detection, obfuscation and isolation throughout their networks. This approach applies to sensors and IoT devices, controllers in connected equipment, and at all gateway and bridge points to expand the ability to monitor their equipment and network in real-time. With a distributed platform that provides a holistic view into the health and status of all equipment, organizations gain visibility and access to real-time data, while providing the infrastructure to isolate identified security breaches and vulnerabilities. Remember: In today’s IT ecosystem, this cannot be limited to traditional data centers. The push to the edge creates a bigger threat for attack, and visibility into edge locations is critical.

By employing a distributed security model that can, in the future, leverage machine learning and artificial intelligence, organizations will be better equipped for emerging threats.

Remote monitoring and management is critical in edge environments, but it’s only the beginning. Even well-connected organizations often lack physical resources and trained IT personnel on location at every edge deployment. Organizations need tools that allow them to detect, isolate, and respond, whether the problem is security related or an operational failure. The ability to diagnose and solve issues remotely or dispatch service teams – well prepared and equipped thanks to accurate data and situational details – is critical to successful resolution.

By employing a distributed security model that can, in the future, leverage machine learning and artificial intelligence, organizations will be better equipped for emerging threats. Cloud-based tools and data aggregation will evolve to incorporate threat patterns identified by the distributed security nodes and inoculate the connected community from the threat before it spreads.

Patrick Quirk is Vice President and General Manager of the Management Systems Group at Vertiv, leading strategic direction, operation and financial performance of digital  intelligence solutions.