In today’s reality, enterprise architectures are highly distributed, and multi-cloud environments are only growing more complex over time. Siloed teams, however, are using antiquated methods to harden workloads, prevent breaches and detect vulnerabilities. Some companies may think because their traditional AV product is protecting their endpoints, that same product and practices can be used to protect their workloads. Though it may be convenient, it is not the most secure choice. Today we will tell you why, along with other top practices for keeping your workloads secure.
Endpoints and today’s modern workloads have completely different profiles. Endpoints are classified as desktops, laptops, or tablets that are packed with functionalities and rarely upgraded. Workloads, on the other hand, have only one or two functions and are updated much more frequently. The Endpoint Protection Platform (EPP) market looks at end-user-device protection and is not designed to cater to the modern workload profile. Traditional endpoint security solutions are not well-suited for cloud-specific scenarios where workloads require automated scaling, consistency across dynamic cloud changes, and unified reporting and alerting. In other words, don’t fall for a vendor that packages their endpoint security product as a workload security solution.
Today’s modern workloads are distributed across physical servers, VMs, containers and serverless workloads. Cloud Workload Protection (CWP) solutions protect workloads in hybrid, multi-cloud data center environments. An advanced workload security solution has features such as:
- Real-time visibility that adjusts to the ephemeral nature of workloads
- The ability to lock-down workloads with hardening capabilities, vulnerability assessments, CIS/STIG benchmarks, and more
VMware Carbon Black Workload does all that and more. VMware’s CWP offering reduces the attack surface and protects critical assets with purpose-built workload protection for the modern data center. Recognized among “the top best Cloud Workload Protection Solution” at the 2022 SC Awards, Carbon Black Workload gives security teams direct visibility into their workloads without disrupting their IT counterparts. Tightly integrated with VMware vSphere, Carbon Black Workload provides advanced workload protection built for today’s needs. IT, Security, and Development teams are given a single source of truth that provides visibility across their environments and reduces friction. It allows teams to focus on the most high-risk vulnerabilities and common exploits across their environment and prioritize the vulnerabilities that need immediate action.
Workload Security Best Practices
#1. Replace legacy AV on servers with modern workload protection
- Do not expect an offering designed to protect end-user endpoints to provide adequate protection to server workloads. Instead, choose a single built-in agent that will bring security monitoring as close to a zero footprint as possible.
#2. Disable unnecessary functions inside virtual machines
- Any service that is running on a virtual machine provides the potential for an attack. By disabling system components that are not necessary to support the application or service running on the system – whether it be an on-prem virtual machine or a public cloud virtual instance – you reduce the potential for threats.
- Eliminating the need to install multiple agents onto workloads reduces security agent sprawl, minimizes installation and reboots, and reduces operational overhead. This simplifies the delivery of security as a service for IT teams.
#3. Extend vulnerability scanning proactively into the CI/CD pipeline
- Securing your workload earlier by extending workload scanning and compliance efforts into development means for better control over the attack surface. At this point you can detect security issues early and get them fixed quickly, before any applications are deployed. Your developer team will thank you in the long-run.
#4. Utilize risk-prioritized vulnerability assessment
- Gain a full view of all vulnerabilities on every workload without the need for rules or additional agents to deploy. Rich prioritization scoring is done based on threat analysis and exploits in the wild, allowing users to directly investigate VMs through the vSphere Client.
#5. Keep all security measures up to date
- Identify current gaps in data collections and set up alerts to ensure you are notified immediately when a problem occurs. What’s more, user error can be a major risk to your organization, so make sure your employees are taking security awareness training. The Advanced Computing Systems Association (USENIX) suggests training 2-3 times a year.
As more organizations embrace a multi-cloud structure, it will be crucial that they find a solution that properly protects their workload environment. Whether those workloads are physical servers or virtual machines in the public cloud, the right CWP solution should be able to protect it all – regardless of the location. Incorporate these quick tips into your daily hygiene and feel good about keeping your workloads secure.
Visit the RSA Conference 2022 — VMware Booth
Also, if you will be attending this year’s RSA Conference, be sure to stop by our booth #5745 in the North Expo Hall and check out our theater booth presentation line up. There’s one on securing multi-cloud workloads and configuration posture you won’t want to miss. Learn more about VMware at RSA 2022.