The Importance of Segmentation


Public cloud services provide numerous benefits for small, medium and large organisations. While organisations become more familiar with Public Cloud services, their adoption and integration is accelerating. This enables business to move as quickly as the market demands, and as nimbly as operationally possible.

Public Cloud services provide organisations with speed and agility; but do they provide fast and agile security?

Infrastructure as a Service (IaaS) is by far the largest Public Cloud service consumed, and is testament not only to the market demand, but also the broad adoption by organisations of such a service.

The ease of consumption is staggeringly fast and flexible and broad enough to cater for almost all workloads. Public Cloud providers enable fluid movement of organisational workloads, both in, out and within its service offerings. For example, the ability to move workloads from Private Cloud to Public Cloud to reduce cost, or to move workloads between geographical regions to ensure availability.

Additionally, Public Cloud service providers enable rudimentary security controls sewn within their service fabrics. This is evident with AWS NACLs (Network Access Control Lists) and SGs (Security Groups), and Azure NSGs. 

However these complimentary controls were not intended to replace purpose-built security controls, and lack functions and capabilities. They are administratively heavy, provide weak audit capabilities, they make east-west protection difficult and most importantly - they provide no awareness or capabilities for the security of your workloads outside of their services.

Purpose-built, enterprise-grade security capabilities are needed in the Public Cloud; now more than ever. These capabilities need to be as flexible, as agile and as fast as the services they protect 

Your security capabilities should take an asset-based focus on your services. It should be workload aware. It should know what your workloads are, where they are, what they can and cannot communicate with and more importantly when they move. It should be easily configurable, dynamic, and as near zero touch as possible, while not compromising on controls.

Ditno Network Security provides the mechanism for your assets to self-defend and to self-heal, while allowing full agility in any environment; albeit Public Cloud, Private Cloud or bare metal. Enabling the enforcement of threats not just external (north/south), but also between your assets (east/west). This allows unprecedented scale and visibility, all the while being dynamically aware of your agile workloads and the requirements of those workloads; not the environment they are in.

Glen Messenger - ditno CIOGlen Messenger, CIO


Contact us today to book an appointment for us to come and show you how we've helped some of Australia's largest organizations to protect themselves from cyberattacks and what we can do to help you.