Introduction
Cybersecurity is of utmost importance to TechFite. TechFite has a two-firewall system in which the outside firewall protects TechFite and its partners and the inner firewall protects the TechFite intranet. Each firewall creates a log of all the network traffic that passes through it. It is difficult to scan these logs manually, and there is a need to automate log correlation for both host-based and network appliances. A lot of traffic passes through these firewalls because of companies that want to securely collaborate with TechFite and government agencies that need to access TechFite's information. The amount of storage space needed to keep these logs for at least a year is more than TechFite has onsite. TechFite is also being pressured to comply with FISMA, using NIST as a security framework, when the company works on government contracts. The company has to ensure FISMA compliance even as budgets are shrinking, which is happening in part because there are fewer space missions planned. The company also wants to collaborate with other institutions and companies to expand its business, which may result in opening subsidiaries in other locations domestically and overseas. This may force the company to store its information for longer periods of time, and more locations mean more log data will need to be stored. Besides scanning the log data for potential attackers after systems have been compromised, the system should meet FISMA regulations and alert administrators when potential attacks are occurring on the host and network systems. This means that real-time log scanning and behavior analysis of incoming network traffic will be needed to determine when a denial of service attack or advanced persistent threat is happening so the system administrators can catch the hackers.
There is also a need to install honeypots to attract hackers, and the logs for those will also need to be stored even though these honeypots will not actually have real data on them.
Proposed Emerging Technology Solution
Given the evolution of data centers in companies, more and more workloads are migrated to cloud environments. Most companies have a hybrid environment with a combination of on-site and cloud workloads, including containers, which are constantly changing (Cooper, Nedbal, & Nadkarni, 2017). This introduces a security risk since cloud environments (both private and public) require new methods and tools for their protection. Companies need centralized visibility of all workloads in the cloud, and total security against configuration errors, malware, and data leaks. Cloud Workload Security (CWS) automates the discovery and defense of containers and elastic workloads, in order to eliminate blind spots, provide security against advanced threats and simplify the management of multiple clouds.
TechFite should utilize Cloud Workload Security (CWS). Cloud Workload Security will enable TechFite to protect cloud workloads and containers across AWS, Azure, VMware, and private cloud by addressing key security, compliance, and governance requirements so it can accelerate its cloud business (Fitzgerald, 2018). CWS protects key attack points on cloud and on-premises infrastructure by empowering security teams with artificial intelligence and machine learning to ensure efficient security operations. Efforts to optimize TechFite server infrastructure must be backed up by protection against complex threats without affecting performance. CWS can detect all workloads, protect servers, and deploy in the cloud.
CWS technology accelerates performance in both public and private clouds, allowing TechFite to safely migrate its high-performance applications to the cloud. When it comes to providing visibility and control, CWS will allow TechFite to take advantage of public cloud management APIs to control the activity and configuration of multiple cloud resources as well as eliminate blind spots on the attack surface (McAfee Cloud Workload Security, 2019). It continuously evaluates the configurations by countries and types of public cloud while dynamically analyzing the activity in the cloud infrastructure to identify potentially malicious activity. Implementing good security policies in virtual environments requires good visibility. CWS covers on-premises environments as well as public and private clouds to provide a complete view of virtual datacenters and pass critical properties such as servers, hypervisors, and virtual machines (McAfee, 2019). With visibility into virtual machine security status and near real-time monitoring of the relationship between virtual machines and hypervisors, protecting virtual data centers is greatly simplified. A customizable dashboard displays the status of security scans, overviews of various factors, and historical data on resource security.
CWS can use micro-segmentation to quarantine workloads or containers with a single click, quickly limiting the potential for the threat to move within the environment and reducing the risk of misconfiguring resources. It also gives administrators the ability to manage native security group configuration through the CWS console (McAfee Cloud Workload Security, 2019). It has Docker container discovery using Kubernetes, a popular open-source platform used to manage container workloads and services, allowing TechFite to view and manage containers in McAfee ePolicy Orchestrator (ePO). CWS also has enhanced threat monitoring and detection with AWS GuardDuty alerts available directly from the CWS dashboard.
Adoption Steps of the Technological Solution
CWS allows companies to use a single interface to manage numerous correction measurement technologies for on-site and cloud environments. This includes integration with other technologies, such as AWS GuardDuty, McAfee Policy Auditor, and McAfee Network Security Platform. As per the NIST framework, the adoption steps will be as follows. In the first phase, a risk assessment will be conducted to evaluate and assess the major vulnerabilities and thus focus on the priorities (McAfee, 2019). The second phase will involve the deployment of the CWS system. In the third phase, the IT staff will conduct a scan to establish suspicious security breaches, malicious attacks, and hacks that could affect the company. The fourth phase will involve the mobilization of a responsive procedure (after all malicious activities are detected) and coming up with a timetable. An improvement plan will then be formulated in case the system requires any improvements in the future. The fifth phase will involve the recovery of system procedures since all the threats will have been neutralized. TechFite should ensure that all the steps are carried out thoroughly and that the system follows all the phases' requirements.
The implementation process will come with several risks. The first risk is internal employees. They can misuse cloud access data, leading to attacks. TechFite should maintain careful management of the identity and permissions of its cloud services. Another risk is cybersecurity, and this can be dealt with by prioritizing all the vulnerabilities and impeding all the workarounds. Lastly, if the adoption of the hybrid cloud introduces blind spots, these can turn into potential points of vulnerability. This is why a unified solution is essential to apply the security criteria in different environments but in a homogeneous manner.
Negative and Positive Impact of the Technological Solution
CWS has many advantages for TechFite. First, it has high scalability and easy deployment of new technologies. It supports new equipment, cloud services, and applications without introducing new risks or harming the operational efficiency of the data center. It responds to the demand for access to these advanced technologies without requiring additional IT staff. It is easy to use and offers great precision thanks to its machine learning capabilities, as well as great ease of deployment (McAfee Cloud Workload Security, 2019). CWS offers a wide range of services for cloud security: it can be used to control user authentication, encrypt data traffic, block unwanted data traffic, identify malware, and enable alerts in case of suspicious actions or integrate additional access requirements (Outpost24, 2018). The continuous visibility of instances of elastic workloads eliminates "blind spots" and, at the same time, automates the deployment of directives, which required so much work in the past. Centralized management and automated workloads dramatically reduce the complexity of hybrid and multi-cloud environments.
It also has a simple and centralized administration. A single console offers consistent security policies and centralized administration in multi-cloud environments with different servers, virtual servers, and cloud workloads. Administrators can also create multiple role-based permissions in McAfee ePolicy Orchestrator (McAfee ePO) software, allowing them to define user roles more specifically and appropriately. Moreover, network visualization with micro-segmentation is possible (McAfee Cloud Workload Security, 2019). Cloud-specific network visualization functions, priority risk alerts, and micro-segmentation offer detection and control, in order to prevent lateral progression of attacks within virtualized environments and from malicious external sources. A one-click shutdown or quarantine function helps reduce the chances of configuration errors and increases repair efficiency.
The only shortcoming of CWS is that it will be expensive to install and implement the solution. However, the automation process will offset the costs and expenses incurred and in the long run, a lot of money will be saved. Once the system is put in place, it will require few updates and the additional training required will not incur a lot of expenses. A comparison between the potential positives of CWS and its negatives shows that the positives far outweigh the negatives.
Comparison of the Technological Solution to Existing Similar Technological Solutions
A similar cybersecurity solution to CWS is the Hewlett Packard Enterprise Secure Compute Lifecycle. It ensures the detection of threats and secures any stored data. However, it has fewer tools compared to CWS. It does not have a firewall system and is slow when dealing with massive data traffic. The most common variant of cloud usage is the public cloud. Cloud providers such as Google Drive or Box provide their customers with fully equipped online storage with their own security solutions. Microsoft Azure and Google provide secure infrastructure in the cloud and include complete security controls. However, if an organization wants more control over its data, it can use a private cloud or a hybrid cloud. These online storages are totally or partially independent of public providers. This brings more control over security measures but requires more technical effort. Companies use private or hybrid clouds in particular for data protection and IT security reasons.
Methods for Assessing the Impact of the Technological Solution
The installation of the CWS technology as a cybersecurity system is intended to ensure that all cyber risks are dealt with. The best way to measure the effectiveness of CWS will be a risk-based approach. Through this approach, it will be possible to assess and measure the success of the solution. The risk-based approach has two essential metrics, the Average Time to Detect (ATD) and the Average Time to Respond (ATR). ATD is used in evaluating the time taken by the IT staff to become aware of an attack or any suspicious activity. A reduction in the ATD will show the implemented solution is more effective and more efficient. On the other hand, ATR is a measure that...
Cite this page
Problem Solution Essay on Techtife's Need and Scope of Need. (2022, Mar 03). Retrieved from https://proessays.net/essays/problem-solution-essay-on-techtifes-need-and-scope-of-need