Cyber-Security Mesh in Times of Composable Decentralized IT Architectures

COVID-19 accelerated digital business. It also accelerated the growth in digital assets and individuals located outside the typical enterprise infrastructure.

Cybersecurity teams are now tasked with securing countless forms of digital transformation and other new technologies. For organizations to move securely into the future, they need security options that are flexible, agile, scalable, and composable. The solution to these requirements is cybersecurity mesh. What is cybersecurity mesh? Gartner defines it as “a modern conceptual approach to security architecture that enables the distributed enterprise to deploy and extend security where it’s most needed.”

Main Reasons for the Decentralized (Security) Architecture

For many businesses, regardless of industry, improving their security architecture is growing into a necessity for their continued growth and, in some cases, survival. There are three main reasons why businesses across all industries are exploring a decentralized (security) architecture.

Reason #1 – Reinforcing Their Core

Reinforcing the core means that businesses are integrating third-party functionality into their architectures to strengthen their core businesses and gain market share from competitors who are either not embracing digital transformation or are doing so very slowly. These third-party partnerships require little technical investment on the part of the business. However, the business stands to gain because these new services can breathe life into its existing menu of offerings faster than if it had to develop those services in-house.

Reason #2 – Creating New Distribution Channels

A decentralized architecture brings opportunities for growth by creating new distribution channels. For example, a bank may already be successful in providing its existing services to its existing customer base. However, by entering into strategic third-party partnerships, they can discover new distribution channels for their products and services. By entering into new, growing niches, businesses can benefit from an expanded volume that they might not otherwise be exposed to.

Reason #3 – Launching Innovative Meshes/Orchestrations

Businesses can create disruptive new business models with APIs and third-party relationships that operate outside their core business. This strategy could include launching innovative meshes that are targeted toward a specific product or vertical market. These independent ventures allow businesses to grow their services or niche products to pursue disruptive vertical plays.

The Answer for Hybrid Architectures is BYOK

As businesses embrace hybrid architectures of clouds and local data centers, they must acknowledge the need for security. There is a paramount need to take control and ownership of all their data so that no unauthorized third party can access it unencrypted.

The answer for a secure hybrid architecture is Bring Your Own Key (BYOK) that is managed by industry-grade key management systems and hardware security modules. To keep customer and business data safe, the BYOK solution should seamlessly integrate between the cloud and local data centers for a centralized key management approach that operates as an external key management system (KMS) for the cloud.

Using the BYOK option allows business users to exclusively own and control their encryption keys. Users can:

  • Create and maintain possession of their keys
  • Determine when their data is at rest or active
  • Restrict anyone inside or outside of the third-party cloud from accessing their data at rest if they do not have possession of the user’s keys
  • Maintain the control to move data and applications across a secure hybrid cloud

The BYOK solution should only allow the cloud to hold the user’s key long enough to complete the user’s request.
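The behaviour described above, as an added sketch that is not Utimaco's code or any product API: the cloud stores only ciphertext and a wrapped data key, asks the customer's external KMS to unwrap it for each request, and loses access once the owner disables the key. `ExternalKMS`, `CloudStore` and the HMAC-based stand-in cipher are hypothetical names and choices made so the sketch runs on the Python standard library; a real deployment would use an HSM-backed KMS with AES-GCM or AES key wrap.

```python
import hashlib
import hmac
import secrets

def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Constructed stand-in cipher (HMAC-SHA256 in counter mode) so the sketch
    # needs no third-party packages; not a replacement for AES-GCM.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, b"enc" + nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    ct = _keystream_xor(key, nonce, plaintext)
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_sealed(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return _keystream_xor(key, nonce, ct)

class ExternalKMS:  # hypothetical customer-side KMS/HSM; the KEK never leaves it
    def __init__(self):
        self._kek = secrets.token_bytes(32)
        self.enabled = True   # the owner can switch the key off at any time
        self.audit = []       # every unwrap request from the cloud is recorded
    def wrap(self, dek: bytes) -> bytes:
        return seal(self._kek, dek)
    def unwrap(self, wrapped: bytes, caller: str) -> bytes:
        self.audit.append(caller)
        if not self.enabled:
            raise PermissionError("key disabled by owner")
        return open_sealed(self._kek, wrapped)

class CloudStore:  # hypothetical cloud service; persists ciphertext and wrapped DEK only
    def __init__(self, kms: ExternalKMS):
        self.kms, self.objects = kms, {}
    def put(self, name: str, data: bytes) -> None:
        dek = secrets.token_bytes(32)  # per-object data key, local to this call
        self.objects[name] = (self.kms.wrap(dek), seal(dek, data))
    def get(self, name: str) -> bytes:
        wrapped, blob = self.objects[name]
        dek = self.kms.unwrap(wrapped, caller="cloud-store")  # held for this request only
        return open_sealed(dek, blob)
```

Setting `kms.enabled = False` makes every later `get` fail with `PermissionError` even though the stored objects are untouched, and `kms.audit` shows how often the cloud asked for the key.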

Benefits of using a secure BYOK solution with a hybrid architecture include:

  • Added peace of mind by encrypting the user’s cloud data with a secure algorithm so data cannot be decrypted or read when at rest.
  • A comprehensive security solution with encryption keys that cover all types of data at rest.
  • An option that gives users more control of their data without the overhead.

Utimaco helps enable a cybersecurity mesh across the hybrid cloud by providing compliant, flexible and innovative solutions, bringing to businesses and critical infrastructures the reliability of an advanced and resilient architecture in compliance with stringent security standards.

The cybersecurity mesh is an important tool for organizations considering how to fulfil their security obligations in a broader context. Utimaco is well positioned to support this strategy by providing a number of solutions that can address multiple cybersecurity mesh gaps within an organization.

Blog post by Dawn Illing