Missing link: IT from a single source or heterogeneous? A security comparison
Given rampant attacks on IT, does it make sense to put your IT eggs in different baskets? A perspective from India.
(Image: created with AI in Bing Designer by heise online / dmk)
Would you rather play with soil in a neat, monochrome rubber plantation or in a wild, multi-hued garden? A plantation gives you lots of predictable, commercial rubber. A forest, on the other hand, is mysterious and full of diversity.
When rot attacks the rubber plantation, it spreads fast and mercilessly, erasing everything. Not so in a forest, where some fungus, some big tree, some small shrub, some helpful insect or some invisible bio-dance will come up as timely armour.
Heterogeneity is never tidy and, by the same token, never too vulnerable. This idea deserves scrutiny in the IT estate more than ever, especially after the global IT outage caused by a CrowdStrike bug in July.
Bluescreens singing the Blues
The screen of death can be any colour in the IT world, but it often turns an enterprise's IT war room into a dark room. Whether it is a reboot issue, a patch problem or an update gone goofy, no business in today's 'everything now' era can afford an outage. Things can, quite literally, attack out of the blue now.
Security downtime and outages are not only abrupt and widespread, but also much more costly and trickier than ever. During such incidents, IT teams become dependent on the 'fix' they expect from their lifeline IT vendor. But what if there were other organs to jump in and take over when an attack happens? And more doors that a bad actor would have to work extra hard on to carry out the attack? Like some Lernaean Hydra – but on the good side? IT heterogeneity can expand your IT army, back-up game and security muscle. But at the same time, it can enlarge your attack surface and add to your IT complexity.
CrowdStrike changes the perspective
Chief Information Officers (CIOs) are now actively thinking about heterogeneity from a security angle, after a spate of cyber-incidents in the recent past. "We are thinking about diverse solutions as having different platforms simply helps to divide one's risks", shares Vinesh Gupta, General Manager at The Den, underlining the view from the hospitality sector, especially through the lens of downtime and guest data.
"The (CrowdStrike) incident, for instance, was an outage for only five hours or so, and the business continuity plan kicked in. But what if the outage had lasted longer? We also realized that having back-up is not enough, unless it can be up and running in a different environment without friction or delay", says Gupta. "Hence, it helps to have multiple platforms, where a back-up can also work with immediate action and equal effectiveness."
Heterogeneity always helps, stresses Surjeet Thakur, who has advised several hospitals in India and Oman as their CIO. He favours a "best-of-the-breed approach": "Security in the healthcare gamut is huge, and relying on a single vendor or product has its disadvantages and advantages. The minimal margin due to security lapses and the associated risks help make the decision for a robust solution and not focus on a number of vendors. As a matter of fact, there are not many vendors who offer the entire security solution portfolio which is robust and reliable."
Shivraj Borade, senior analyst at the Everest Group, adds that before diving into the single-vendor versus multi-vendor debate, it's essential to recognize that a multi-vendor cybersecurity tools portfolio isn't optional, but is a necessity: "While a single vendor might offer ease of management, cost efficiency, and accountability during crises, the reality is different. Moreover, IT spans four critical towers, Cloud, Digital Workplace, Cybersecurity, and Networks. Each has unique, specialized needs that demand targeted capabilities."
Gupta upholds the value of spreading one's assets in a heterogeneous arrangement. "I have different network backbones for different purposes at the hotel. This is configured as per the value and speed-need of data in question." He also mentions how injecting heterogeneity in devices is very important – between Android and Macs. "We perceive Apple to be infallible. But we never know. It helps to have alternatives."
Larger attack surface to defend
However, Mike Smart, senior analyst at Nelson Hall, reasons that IT heterogeneity generally expands the attack surface that needs protection. "While distributing 'eggs in different baskets' can reduce the impact of a cyber-incident by minimizing single points of failure or vulnerabilities, this benefit only holds when minimizing the opportunity for lateral movement within the attack chain through the use of strong zero-trust policies. Otherwise, an attack on one system can quickly spread to others."
Senior analyst Cameron Marsh from Nucleus Research also contends that, while IT heterogeneity can reduce reliance on a single vendor, it may introduce more complexity in managing security across multiple systems. That can ultimately become a liability.