Quarterly insights: Cybersecurity
Not a micro segment: Microsegmentation’s ability to protect the cloud is big opportunity

As bad actors have learned to take advantage of the freedom inside a protected environment and internal threats have become better understood, cybersecurity spend has rapidly expanded from protecting internal assets from outsiders to better controlling lateral data flows within protected environments.
In a world where lateral data flows for a business process can now span on-premise infrastructure, a company’s own data center, third-party data centers such as AWS, Azure, and Google Cloud, and hosted cloud applications from third parties, microsegmentation is a key solution in the arsenal to protect business assets. Microsegmentation divides data center and other computing assets, regardless of physical location, into logical groupings, sometimes down to very basic component and workload levels, and then creates and enforces policies for each segment.
While microsegmentation can be highly effective and has great promise, its relatively early stage of evolution combined with its complexity means there is a long runway for the market to grow as innovative cybersecurity companies invest to introduce better solutions. We highlight just a few of the companies providing some of today’s leading solutions.
Includes discussion of PANW, VMW, ZS and three private companies
TABLE OF CONTENTS
- Proliferation of lateral data flows shifts the nexus of vulnerability
- Microsegmentation is key to protecting today’s expansive computing environment
- Enormous complexity requires automation
- Common implementation challenges
- Tradeoffs among microsegmentation solution types
- Some leading microsegmentation players
- See heavy investment, new products and M&A ahead
- Cybersecurity index continues to soar, pulls further ahead of Nasdaq and S&P
- M&A activity slows in Q1
- Q1 private placements on track to rise from Q4 low
Proliferation of lateral data flows shifts the nexus of vulnerability
Most historical security spend has focused on preventing unauthorized or inappropriate access from outside a protected environment and keeping sensitive data inside a protected environment from leaving. These data movements are commonly referred to as north-south traffic. East-west traffic, or lateral data flows, refers to flows between points within a protected environment. For example, a person sending account information to a client creates north-south traffic, while an internal accounting system pulling data from an internal payroll database creates east-west traffic. In the early days of networking, east-west traffic received much less scrutiny than north-south traffic. However, as internal threats became better appreciated and bad actors learned to take advantage of the freedom they found once they had penetrated a protected environment, security postures changed to pay much more attention to east-west traffic.
Fast forward to today’s networking environment, where data is located in a combination of on-premise infrastructure, a company’s own data center, third-party data centers such as AWS, Azure, and Google Cloud, and hosted cloud applications from third parties. A single application or workflow may use and pull data from all of these. For example, a cloud-based payroll system may pull hours worked by employees from systems hosted in a third-party data center and from on-premise databases. In this type of data environment, enterprises cannot rely on north-south focused network-based firewall architectures, because lateral data flows are just as critical, and trying to firewall every segment based on IP address mapping is difficult and largely ineffective at preventing attacks.
