SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
We need to stop thinking about security and networks as separate
Fri, 2nd Mar 2018
FYI, this story is more than a year old

With the recent changes to Australia's data breach laws, it's clear that security can no longer be the afterthought in networking solutions. The problem is that we tend to treat it like a house onto which we keep tacking on additions and performing makeshift patch jobs. Sure, it keeps the whole thing standing, but due to the compromise, you must wonder if you'd be better served by rebuilding from the ground up. Only then do you get what you need.

No one wants to find themselves in a position where you need to report a breach to the Information Commissioner. The modern network environment can no longer be in a constant state of catch-up. Things need to change.

The days of the hermetically-sealed network environment are a distant memory. We are led by our employees' consumption habits. Most organisations break out the “job done” stamp if they've secured email on a mobile device or for a mobile workforce. This ignores the wealth of productivity (and not so productive) apps that leave you vulnerable.

Then there's unauthorised cloud-based software. With research firm Everest Group calculating that this Shadow IT now accounts for more than half of IT spend in large organisations, it's time to concede defeat in fighting it. We need to accept it delivers access to functionalities and capabilities quickly, and create the layer of protection and policy that allows them to do it safely.

And on top of that, IT departments, already lean operations these days, are also contending with the accelerated rate of expansion where the rollout of new branches is expected to happen in hours, not weeks.

Yet more fragmented solutions

Many of the solutions to these problems only address one part. For instance, Cloud Access Security Brokers (CASBs) give you the ability to deal with mobile, cloud and shadow IT but don't solve the other limitations of the traditional WAN such as cost, scalability and maintenance. So, it becomes just another add-on. As businesses make their digital transformation, they need a solution to deal with cloud and mobility, and cost-effectively keep pace with either business growth or the current security climate.

It's this need that's driving the rapid uptake of software-defined WAN (SD-WAN), which IDC predicts will achieve a compound annual growth rate (CAGR) of 70%, reaching $US8.05 billion in 2021. It certainly solves some of the problems. It's affordable, reduces appliance sprawl and overheads; and provides a high-performance cost-effective alternative to MPLS. This last point is good news when many in the industry have complained for years that the costs of an MPLS pipe has not reduced like broadband or 4G has.

But once again, that's only part of the picture

The Total Package

SD-WAN options at this time do not holistically address modern user behaviour across on-premise, mobile, public cloud usage and there's still the security and management aspect of that to deal with. While SD-WAN will evolve to manage these discrepancies, a technology has already arrived in the shape of SD-WAN as a service, which adds a managed services component. It's an affordable way to manage traffic to branch sites and deal with the complex security environment of the modern enterprise network.

The “as-a-service” mantra of scalability and reducing costs is practically a cliché now, but when your IT department doesn't have to manage patching and updates for branch sites across the country or globe, it's not hard to see how SD-WAN as a service can make reducing your KTLO (keep the lights on) spend a reality.

And that's as well as delivering a single cloud-based network, which means there's one network, one security, one policy that protects traffic no matter where it is - and it's managed through a single interface. Where the network goes, the security goes, which is how it should be.

Only when networking and security are intrinsically linked can we get from away from “making do” with systems that truly fit the way business functions now and beyond and keeps you and your customer's data safe.