As new technologies and infrastructure such as virtualization, cloud, and containers are introduced into enterprise networks to make them more efficient, these hybrid environments are becoming more complex—potentially adding risks and security vulnerabilities.
According to the Information Security Forum’s Global Security Threat Outlook for 2019, one of the biggest IT trends to watch this year is the increasing sophistication of cybercrime and ransomware. And even as the volume of ransomware attacks is dropping, cybercriminals are finding new, more potent ways to be disruptive. An article in TechRepublic points to cryptojacking malware, which enables someone to hijack another's hardware without permission to mine cryptocurrency, as a growing threat for enterprise networks.
To more effectively mitigate these risks, organizations could invest in automation as a component of their security plans. That’s because it takes time to investigate and resolve issues, in addition to applying controlled remediations across bare metal, virtualized systems, and cloud environments -- both private and public -- all while documenting changes.
Creating and maintaining a more secure foundation for systems running customer portals, operations and/or business support systems, and a range of virtual network functions in distributed environments is important to telecommunications service providers as they digitally transform their businesses. Automation can simplify the effort and allow them to execute at the scale they need. Plus it can free up valuable security professionals to focus on more critical security tasks that require human intervention.
Improving Security with Automation
Manually checking systems for security and compliance is hard to achieve across the large infrastructures that service providers have deployed. Manual security practices are time-consuming, prone to human error, and harder to repeat or verify, which make executing security initiatives and passing audits impossible, a point research firm Forrester makes in its report, "Reduce Risk and Improve Security Through Infrastructure Automation."
While some tasks may need to be manual, an automation strategy helps build the capacity for identifying and remediating risks without vastly increasing costs. An automation strategy for security and compliance can help with operating systems hardening, consistent configuration management, automated patch management, infrastructure and security as code with automation workflows, and more.
Selecting the right automation technologies is key for rapid implementation across the data center and network software systems in hybrid environments. It’s here that Red Hat shines, with a holistic, end-to-end software stack for automation and management that includes Red Hat Enterprise Linux (RHEL), Red Hat Ansible Automation, Red Hat Satellite, and Red Hat Insights.
One use case where these Red Hat offerings work in concert as a solution for additional security and compliance benefits is automated security compliance. In this scenario, Red Hat Enterprise Linux provides the foundation with built-in automation to address security concerns and compliance with OpenSCAP and Ansible Automation to mitigate risks and comply with industry or custom security baselines.
To do security compliance automation at scale across Red Hat Enterprise Linux hosts, Satellite can be utilized which has OpenSCAP built-in. In addition, Satellite, Insights and Ansible Automation (which includes Red Hat Ansible Tower) can work together for automated patch management to more seamlessly detect security issues and risks in hosts and do controlled remediations using Ansible Automation playbooks.
This combination of Satellite, Ansible Automation, and Insights—with RHEL as the foundation—provides a solution for continuous monitoring, as well as automation to address security and compliance needs.
To learn more about how Red Hat solutions deliver automated security and compliance across IT and networks for improved and proactive security, read the complete white paper or watch this Light Reading webinar where principal analyst Jim Hodges and I further discuss these topics.