The Security Talk Around SDDCs

In the software-defined data center, the infrastructure is virtualized and delivered as a service.  Automated software controls it – and the result is a data center that is extremely flexible and scalable, enabling companies to quickly and effectively meet changing business needs.

“The primary goal of the SDDC is agility and speed by enabling IT-enabled services to be quickly, and transparently, provisioned, moved and scaled across network segments, across data centers, and potentially, into the cloud independent of the physical infrastructure underneath,” according to Gartner.

But what about security? Of course, it’s important to have the agility and flexibility to meet business needs, but if you can’t secure the data center, all the agility and flexibility in the world won’t help you (or save your customer).

So when you talk to your customers about best practices around the SDDC, here are five things that they need to consider:

1. Adopt adaptive thinking: With the SDDC, it’s all about thinking in an adaptive way—and that includes security. Customers need to understand that any products they tap to secure the SDDC must be “smart” enough to protect old and new applications, services and workloads as they are delivered across a growing number of devices and platforms.

2. In the case of the SDDC, old dogs can’t learn new tricks: Your customers may have a plethora of security tools that they have leveraged in traditional data center settings, but those tools will not work well (if at all) in a software-defined data center setting. Work with customers to identify the tools and services that will best meet their business, compliance and other needs.

3. In the case of security pros, old dogs must learn new tricks: While legacy products may not be able to change, security pros accustomed to securing physical machines will have to evolve their roles, focusing less on “hardening” servers and more on policies, provisioning and orchestration, as well as on stemming the rising tide of socially driven malware such as ransomware.

4. Companies may face a security skills gap: It will take come time to get a company’s security pros up to speed on SDDC security skills, and new talent will be in high demand—and, thus, difficult to hire. This is where MSPs can be especially helpful, supporting customers in a thoughtful—and safe–transition to SDDC.

5. Visibility will lead to many new questions—and that’s a good problem to have: SDDCs provide a new level of visibility, which opens the door to new questions relating to compliance and auditing. With the use of dynamic workloads, companies will need to start considering how security “follows” a workload and the ways in which workloads should be provisioned and secured.