Security has become incredibly complex. With thousands of products available, from end-point security, to device security, application security and network security, there is a lot of security to consider.
By Gareth James, VMware NSX manager for sub-Saharan Africa
With the network emerging as one of the most powerful tools in an organisation’s cybersecurity kitbag, whether that’s as a vehicle to deliver security, or powering the delivery and availability of the applications businesses are using to stay competitive, it would seem fair to acknowledge network security as critical. But who is ultimately responsible for it?
The network has become the critical pipeline, creating the expansive connectivity, that carries data from source right into the hands of end-users. It’s what connects the data center, multiple clouds, IoT sensors at the edge – everything that makes up a business today. It would not be wrong to argue that the network has become central to a modern redefinition of IT security. And yet, it’s only through the emergence of software-defined networking that this has become truly possible.
Given this, it’s perhaps alarming that in a new survey by IDC[1], almost two thirds (59%) of European IT heads believe it’s really challenging to gain end-to-end visibility of their network. At least they seem to acknowledge that this is a problem, with almost half saying this lack of visibility is a major concern.
Meanwhile, more than a third (37%) feel the challenges associated with this lack of visibility have resulted in misalignment between security and IT teams – and a quarter (29%) have no plans to implement a consolidated IT and security strategy, according to new global research by VMware in partnership with Forrester.
While organisations are clearly starting to wrestle with this issue, there is a recognition that network transformation is becoming essential to delivering the levels of resilience and security required by modern businesses, with 43% of European organisations (according to IDC research) saying this is a key priority for them between 2019 and 2021.
In today’s pressure-cooker environment, businesses have to adapt to changing market conditions faster than ever before, and they’re relying on their applications to do so – building, running and managing new applications that span the entire network, from the data center, across any cloud, all the way to each and every end-point device. Harnessing the power of these applications is vital, but the challenge of protecting each and every one of them, their associated data and ultimately their users, is becoming more complex than ever before.
So, when failure isn’t an option, how can organisations tap into the power of the network to protect data across the entire organisation, from origin to end-user?
The challenges with putting the network first
Firstly, if there’s to be any chance of a cohesive strategy and approach, collaboration between relevant teams is vital – although this alignment and coordination in itself is proving to be one of the greatest challenges facing businesses.
As it stands today, only a third of networking teams are involved in the development of security strategies, despite 61% being involved in their execution, signalling that network teams are not seen as having an equal role with the other IT or security stakeholders when it comes to cybersecurity.
Actively breaking down these silos and eliminating the friction between stakeholder teams should be seen as a critical priority: modern security must be seen as a team sport, as it is only by working together and taking a holistic approach that the sophistication of the modern threat landscape can be addressed.
An intrinsic approach to fighting increasingly sophisticated challenges
Secondly, we need to make security simple again. Traditional approaches to security, designed for a different world, but applied to one of an almost infinitely worse threat landscape, are resulting in an unmanageable and dysfunctional complexity, relying on too many point products.
Typically focusing on blocking threats at the network perimeter, these so-called solutions tend to be reactive and rely on being able to recognise malware – a futile task with over three hundred thousand new zero-day threats appearing every day. They are entirely unsuited to today’s digitally transforming world, where the flow of information is ubiquitous, and infrastructure has to have the ability to be agile and continuously morph and scale.
We believe it’s possible to simplify security by aligning it to applications and data, delivering it via the network, and by making it intrinsic to all elements of the infrastructure (rather than only at the network perimeter). In today’s software-defined world, it is possible to seamlessly weave security into every layer of a business’s digital foundation, significantly reducing the attack surface exposed to malware. It’s a more proactive approach to threat management as it’s no longer necessary to be able to recognize what a threat looks like.
Rather than adding complexity, it’s making things simpler; using the organisation’s existing software infrastructure and end-points, and enabling them to design security into apps and data at source. This is helping businesses shift from a legacy security model, where they reactively try to block or chase the bad, to a stronger approach to security, where the ‘known good’ is rigorously enforced.
Built with modern applications in mind
In pursuit of delivering an ever-improving customer experience, the pace of application development and deployment has accelerated rapidly: in this brave new world, enterprise IT can no longer afford to be a world in which operational silos and inconsistent networking and security tooling dominate in private, public, and edge/branch clouds. Business success today demands better automation, consistent infrastructure, and the ability to efficiently connect and secure modern application frameworks across data centre and cloud deployments.
Enterprises large and small are undergoing application transformation to realise this and stay ahead of the competition. Modernizing applications using containers and microservices has emerged as the dominant software development approach, and Kubernetes has become the de facto container orchestration platform.
This is why a software-first approach via a Virtual Cloud Network (VCN) is becoming table stakes for organisations truly looking to move forward at speed. Forget bolted-on, siloed networking and security products. Instead, imagine having a seamless, secure, software-defined networking layer from data centre to cloud to edge.
A VCN is a software layer across the entire data centre infrastructure, and beyond, from physical servers, to public and private cloud and edge. It gives the network automated agility, flexibility, and simplicity, allowing the network to become an enabler of business outcomes, rather than a siloed cost centre.
By delivering secure, pervasive connectivity with the speed and automatability of software, a VCN can hold the promise of helping to banish silos and lost opportunities, and of greatly improving the manageability of security issues for the business. Network security becomes a positive contributor to business competitiveness, and no longer just an increasingly ineffective cost centre.
You may think it’s counter-intuitive, especially to existing security general practice – but essentially, with intrinsic security, less is more. By using fewer security point solutions across the entire IT environment – public and private clouds, devices and apps – companies can gain more visibility, efficiencies and cost savings.
The network is the universal fabric that drives connectivity, intrinsic security and application delivery. It provides consistent, pervasive connectivity and security for apps and data, wherever they live. Businesses can ill-afford to wait to recognise that the network is the DNA of any modern security, cloud and app strategy. It should be seen as a strategic weapon, and not merely the plumbing.