Nick Cross, Vice President, Networking & Security, VMware EMEA
How important is ‘where’ we work? Location is becoming more irrelevant as traditional office-based working is being replaced by more a flexible, distributed ‘anywhere’ model. But if employees can’t get secure access to the right information at speed, wherever they are, anywhere working will fail.
Whether you’re in the office, at home, on the move, or in co-working spaces – the flow of data through an organisation has increased in complexity. Multiple locations means multiple points of risk and greater security threats between data centres, applications, the network, the cloud, and devices. With corporate data no longer protected by the traditional infrastructure perimeter of the office, securing data across all these potential entry points has rightly become a boardroom issue.
VMware’s recent Global Security Insights Report revealed the most vulnerable breach points on the data journey as organisations move their infrastructure to accommodate the anywhere workforce. Eighty percent of organisations surveyed stated they have experienced cyberattacks due to more employees working from home and almost one in five cite the network as being their main breach point of concern. Let’s take a closer look.
The network is paramount, carrying data from the data centre to the app to the cloud to the device. Whilst securing traditional networking has largely been restricted to the perimeter of the corporate infrastructure – a secure bubble guarded by a firewall – it’s no longer clear in the modern world whether the new network even has a perimeter any longer, let alone how to secure it.
There may be 50,000+ connection points outside the traditional corporate firewall, wherever an ‘anywhere worker’ might happen to be. By vastly expanding the network’s reach through VPNs (or ‘Virtually Pointless Networks’, as they are ironically being labelled), IT leaders have ultimately lost the end-to-end visibility that they used to count on.
With organisations dealing with more extensive physical and virtual networks, network security must be amplified to reinstate this visibility. The Virtual Cloud Network is a solution that can deliver pervasive connectivity and intrinsic security as a built-in distributed service, for users to apps and businesses to data, regardless of location.
Underpinning this are new technologies such as Secure Access Service Edge (SASE), that reroutes networking requirements through the cloud, providing better context, scalability and seamless user experience. In fact, Gartner predicts that by 2024, more than 60% of SD-WAN customers will have evolved this into a SASE architecture, compared with only about 35% in 2020.
Edge IoT devices have a similar challenge with IT teams struggling with a lack of visibility across the multiple devices they are managing. For critical infrastructure suppliers such as energy providers for example, IoT devices and the data that runs to and from them through the network, are central to monitoring the status of their systems.
For Ansaldo Energia, a critical task for its global operations is its monitoring and diagnostic system, which collects data from more than 200 power plants around the world. To protect the devices collecting this data, Ansaldo adopted a cloud-based solution that delivers a 30% drop in total cost of ownership while improving security and flexibility.
Whether you’re securing the network, apps, workloads or endpoint devices, organisations need to rethink security as an inherent and distributed part of the modern enterprise through a zero-trust approach. By incorporating zero-trust security principles into an organisation’s supply chain, they can achieve complete end-to-end protection. This creates a comprehensive ‘security operations centre’, which provides the context and visibility that IT teams need. Relevant security information is presented in context and combined in an intelligent fashion across teams, reducing silos and improving teamwork and communication.
Anywhere working will help to make employees feel empowered, connected and productive, and taking this new stance will ensure teams are better equipped to solve the threats of today and tomorrow, with fewer blind spots and reduced time to detection and response. Organisations can better operationalise security, making more effective use of people and resources, all whilst delivering the speed and security required of the modern enterprise.