Bit by bit
Best Argument: Overhaul
Audience Favored: Bit by bit (62%)
Desperate times call for desperate measures
Ken Hess: Things in IT change in one of two ways: evolution or revolution. One might believe that a logical, methodical, incremental pace is the way to fix data center security, but it isn't. Malevolent hackers, social engineers, and other data criminals don't use those techniques, so why should we do so as defenders?
But it isn't only 'over the network' attacks that need a revolutionary overhaul; it's also our data center's physical security that requires us to rethink and rebuild. For example, in multitenant data centers, external security is near military grade, but once you're allowed inside the chilly, raised floor server sanctuary, there are no such measures. Company A and Company B share those same spaces with dozens, or even hundreds, of other tenants. Shared data space isn't that uncommon and isn't necessarily a problem. The problem is that once you're inside the data center, you have access to physical servers from a variety of customers, whether or not they know it.
Only a revolutionary overhaul of data center security can fix these two basic problems. An incremental approach is the wrong answer when facing these desperate times.
Don't jump into major upgrades with both feet
David Chernicoff: When security issues in your datacenter are identified, the temptation is great to rip out the offending application or system and replace it with the latest and greatest solution from your vendor of choice. But if you’re getting that urge, sit down and have a cup of coffee while you think about it. The nature of the datacenter is one of an intimate ecosystem involving multiple vendors, different classes of hardware and software, and a significant effort to get everything into homeostasis.
The wholesale replacement of even a single component of that datacenter architecture means that in many ways you are starting from scratch, especially when you are dealing with the issue of security, one that touches on so many different pieces of the environment, and where a small error in configuration can cause cascading problems that shut down users or open up your systems to attack, or potentially both. Effectively dealing with a current security problem means evaluating the impact of your changes not only on addressing existing issues but how it will impact future growth.
A careful examination of the current problems and how they can be addressed while keeping an eye on the future means not jumping into major upgrades with both feet. A careful, considered approach of well-planned upgrades and efficient modifications to your security model will allow you to maintain a flexible and effective security infrastructure with minimal negative impact on your users.