By: Lane Bess

The Disappearing Network Perimeter is No Illusion

If you manage an enterprise network, you are probably well aware that the world of enterprise security is undergoing a complete transformation, driven by new technologies and trends, including:
 

  • Mobility: More users are going mobile, working from home, and bringing their own devices (BYOD) and apps to work. In fact, mobile devices now outnumber PCs in the enterprise.
  • Cloud: Even if you’re on the conservative end of that trend, your company most likely is already using some cloud applications like Salesforce.com, or has users storing data on sites like Dropbox.
  • Social Networks: The rise of Web sites like Facebook and Twitter make it impossible not to mix business and pleasure, but these sites introduce security and compliance risks. Attackers can masquerade as a trusted contact to gain access to information they should not have or hide malicious URLs in the shortened links of social media.

If you manage an enterprise network, you are probably well aware that the world of enterprise security is undergoing a complete transformation, driven by new technologies and trends, including:

  • Mobility: More users are going mobile, working from home, and bringing their own devices (BYOD) and apps to work. In fact, mobile devices now outnumber PCs in the enterprise.
  • Cloud: Even if you’re on the conservative end of that trend, your company most likely is already using some cloud applications like Salesforce.com, or has users storing data on sites like Dropbox.
  • Social Networks: The rise of Web sites like Facebook and Twitter make it impossible not to mix business and pleasure, but these sites introduce security and compliance risks. Attackers can masquerade as a trusted contact to gain access to information they should not have or hide malicious URLs in the shortened links of social media.

In fact, more than half of business communications and transactions today are taking place beyond the bounds of the traditional corporate network.

Having been in the enterprise security for more than 25 years, I’ve seen many security tools and technologies come and go. In fact, during my time as CEO at Palo Alto Networks the company introduced the next-generation firewall, a product we knew would revolutionize the market, and drove the recognition that the old approach to security was simply not sufficient. The changes happening now are the most significant, and are creating some of the biggest challenges, that I’ve seen yet. Cloud technology will be essential in completing the security equation as the perimeter dissolves.

What does this mean for CISOs and IT security professionals? As the traditional network perimeter continues to dissolve, it is getting much more difficult to protect company data from the growing gaps in security, and to make sure the users that are accessing that data are protected.

That’s because the traditional network security appliances that were designed to protect static corporate networks are no longer suited for the job. Why? In the past, network security was about creating a "moat" around your company assets to protect users, servers, applications and data inside the corporate network perimeter. When 90% of users were in the office and 90% of access was to on premise applications, the appliance-based model worked fine.

Today, mobile users are going direct to the Internet, bypassing gateway proxies and firewalls. VPNs do nothing to secure 3G/4G mobile traffic. Backhauling Internet traffic over MPLS networks to a few central gateways quickly escalates costs and introduces unacceptable latency to the user experience. Inside threats can easily leak sensitive information through Gmail and Facebook messages.

Sophisticated hackers are increasingly exploiting these gaps in security, targeting unwary users as a beachhead to attack corporate networks. Privacy concerns remain unabated, as 60% of the most popular mobile apps communicate user location and device information to external advertising servers.

Clearly, a new approach is needed. One that protects users no matter where they are in the world, or what device they are on. One that provides economies of scale, so you are not constantly chasing hardware and software upgrades in an effort to keep your security current. And most importantly, a technology that operates seamlessly, enabling business to get done without getting in the way of its users or administrators.

The appliance-based model simply wasn’t built for security beyond the corporate network. The only way to do that is with a global Security Cloud that provides a secure filter between users and the Internet. So nothing bad gets in, and nothing good gets out.

It requires much more than simply putting traditional appliances in the cloud and calling it “cloud security.” It requires an entirely new approach that can handle the constantly changing, dynamic reality of today’s business environment. It requires a shift from the old approach of securing static endpoint devices – PCs – to security that travels with the user wherever they go. It requires an architecture that’s built to protect users as they go direct to Internet, without slowing them down. And it requires leveraging the power of big data analytics to provide real-time insight into the most relevant trends impacting your business.

We’ll be talking a lot more about these concepts in future posts. If there is one takeaway I hope you’ll get from this blog, it is this: the world of IT security is changing, and those who don’t prepare for those changes are leaving their companies dangerously exposed.

Are you prepared?

Learn more about Zscaler.