This article originally appeared in Forbes.
Cloud adoption can change not just the way an enterprise works, but the way its IT leadership manages applications, connectivity and security. Transition to the cloud offers an opportunity for enterprise IT leaders to reevaluate network architecture and optimize user experience. IT stakeholders looking to optimize network performance for a cloud environment must understand how architecture impacts cloud access. The new blueprint for enterprise IT connectivity infrastructure comprises five functional components: inline security, modern identity/access management (IAM), smart endpoint management, dynamic security information and event management (SIEM) and direct-to-cloud connectivity.
Enterprise IT stakeholders moving to a cloud model must recognize the subsequent impacts on security and network performance, particularly with regard to mobile users. When doing so, it’s important to:
Move security as close as possible to users, and ideally, inline. If users are distributed and remote, put security nearby, even if that means distributing data centers or leveraging a cloud-based security tool with local points of presence. Recognize and account for scalability costs as user traffic increases.
When doing so, it’s key to:
Sunset legacy directories in favor of a modern IAM that supports single sign-on (SSO) and leverages protocols like Security Assertion Markup Language (SAML) to integrate with your cloud ecosystem.
As workers move to the cloud, IT leaders must reevaluate endpoint management. Will corporate endpoint management processes adapt to a “cloud way of work”? Two practices to consider incorporating for endpoint management in a cloud environment:
Integrate endpoint management into security operations center (SOC) workflows. Infected machines and devices must be controlled and isolated.
Event management, like most traditional hub-and-spoke network functions, has to evolve to function properly (read: securely) in a cloud environment. IT leaders moving to the cloud need to ensure SIEM can handle the impacts of the transition. When doing so:
Ensure the “new SIEM” can handle the explosion of data from multiple cloud services and has the smarts to correlate events and glean actionable insights.
SD-WAN is a more direct-to-internet connectivity model. Conceptually, SD-WAN separates network control from hardware, effectively virtualizing WAN management. When utilizing SD-WAN:
Use local internet breakouts instead of backhauling traffic from branch offices to headquarters over Multiprotocol Label Switching (MPLS) circuits.
If your organization is moving applications to the cloud, starting with these five pillars can help transform both your security and your network.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Dr. Amit Sinha is Zscaler CTO and Executive Vice President of Engineering and Cloud Operations.