The Private Infrastructure Security Renaissance

Although it seems counterintuitive and  a throwback to Enterprise IT setups from nearly a decade ago, private infrastructure is in a Renaissance period. 

Today, there are many reasons to avoid a 100% commitment to a public cloud deployment (although not the standard), the principal one being the lack of visibility and transparency from cloud providers around data security and access management. 

Many infosec teams doubt cloud providers’ claims about confidentiality and integrity related to their most sensitive data stored off-site. With a lack of visibility into “how the sausage is made,” teams with the utmost focus on security may find that maintaining an on-premises data center or other forms of private infrastructure are the best way forward to ensure maximum security.

Several years ago, all roads led toward a public cloud environment with infinite scalability, the most cost effective and future-ready option for many IT teams. While spend is, and will continue to be, monumental for public cloud demand, the onset of virtualization and containers make the prospect of maintaining an on-premises IT infrastructure more efficient. 

Add in the security benefits and ultimate control over the data, more and more teams find themselves in a hybrid environment setup, keeping one foot in the public cloud for nonessentials and one foot in a private cloud for mission-critical IT.

Good reasons for maintaining or implementing private infrastructure:

More security: An air-gapped environment includes assets that are disconnected from the internet and isolated in the network structure. With out direct access to the outside internet, these assets will be among the most secure in the IT infrastructure. For those reasons, critical IT operations and data storage are commonly used in this configuration. Intelligence agencies and others with strict security mandates from regulators also air-gap much of the IT environment.

More control over the data: A benefit of the public cloud is that it provides a single point of entry or exit for data, and all monitoring can be focused on ingress and egress. What happens once your data is in the public cloud is a bit of a mystery, even though providers have SLA’s that guarantee data safety while in their care. Data control is 100% in the hands of the internal IT and infosec teams when private infrastructure is used, meaning more control and visibility for sophisticated teams.

Maximize existing investments: Some businesses find themselves in a difficult position when it comes to modernizing their IT stacks. The cost to change and modernize can be crippling. The infosec group at a manufacturing organization with legacy machinery might find themselves in the difficult position of having to secure systems that are decades old but mission-critical, with no possibility of making an update to something more modern. These teams need their security vendor to adapt to their needs and they struggle to find vendors that rise to that challenge.

Meet compliance needs: Depending on geolocation, maintaining private infrastructure is a must-have and not a nice-to-have in order to satisfy regulators. For instance, under GDPR, data from EU citizens cannot leave the boundaries of the EU, requiring organizations to build or migrate to infrastructure that supports keeping data in-region. This and other compliance mandates, like the ones involving audit trails, drive the renewed interest and adoption of on-site infrastructure.

Vendor outages: When a portion of AWS goes down, we all feel it in one way or another. Many commonly used apps and websites rely on public cloud providers, and an outage means expensive downtime for IT and infosec teams. Outages are common, and will continue, and private infrastructure is a way to mitigate risk.

Many EDR/EPP vendors miss the mark in that they don’t focus on the need for securing private infrastructure. Legacy OS support varies across vendors, and of those that do secure private infrastructure, it is done through a “maintenance mode” technology with limited thought of the future and no roadmap of innovations for the  customer.  Those who need private infrastructure protection really need it, and have difficulty finding a security partner that rises to that challenge.

Cybereason meets the customer where they are, and adapts our security around their needs.

Private Infrastructure Protection

Cybereason Private Infrastructure Protection is a tailored deployment to complex environments through a combination of innovative technology and services for a full scope partnership:

Universal Deployment: Deploy to any endpoint, any data source in any configuration. Tailored deployment to any IT configuration, whether public cloud, private cloud, air-gapped, or other environment. Broad OS support to secure legacy IT and niche systems.

Fully supported: Dedicated DevOps and Delivery teams to ensure success and tailor every aspect of the deployment. Partner with our Services team for deployment, ongoing maintenance, health checks, and customer support. Cybereason views Private Infrastructure Protection as a key component to customer success and this is not a “maintenance mode” technology for us - we have dedicated engineers to provide regular releases and innovations.

Maximum security value: Ensure the strongest protection possible on ALL endpoints. We provide robust prevention, actionable visibility, and sweeping response - validated by the most recent MITRE ATT&CK  emulations. 

Cybereason is dedicated to teaming with defenders in both the public and private sectors to end cyber attacks from endpoints to the enterprise to everywhere. Learn more about the Cybereason Private Infrastructure Protection advantage here or schedule a demo today to learn how your organization can benefit from an operation-centric approach to security.

JJ Cranford
About the Author

JJ Cranford

JJ Cranford is a Senior Product Marketing Manager at Cybereason, He was previously with OpenText after the acquisition of Guidance Software where he was responsible for the go-to-market strategy for endpoint security products. JJ provides insight into market trends, industry challenges, and solutions in the areas of incident response, endpoint security, risk management, and compliance.

All Posts by JJ Cranford