Concerned about recent PAN-OS and other firewall/VPN CVEs? Take advantage of Zscaler’s special offer today

Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Products & Solutions

IT administrators must stop hugging appliances and embrace cloud security

February 19, 2019 - 4 min read

It’s not an easy decision to replace your existing security infrastructure with cloud security.

After all, in the world of cybersecurity, the bad guys only have to succeed once playing offense, whereas you, playing defense, have to succeed every time. With this ever-present threat looming, many companies are hesitant to make changes to their security environments.

But we’ve entered a world where cybersecurity has evolved from an initial footprint of antivirus programs and firewalls to complex, multilayered technology stacks. And even this technology has gone through multiple generations. When a new symptom would emerge, security vendors would develop a product to address that symptom, often as a standalone appliance. This has resulted in deep portfolios of products that are difficult to integrate, expensive to own and manage, complex, and inefficient. And given the number of breaches that we regularly read about, they’re not effective either.

The game has changed dramatically. Computing environments are moving to the cloud, users are mobile, and new technologies, such as the Internet of Things (IoT), are opening new areas of concern for security teams.

All this means that it’s time to re-evaluate your security situation.

Moving away from security appliances and toward a cloud-based security infrastructure can provide greater protection at a lower cost than a reliance on appliances. Cloud security is always on and always up to date, so it can protect against security threats emerging around the world and deliver identical protection to users no matter where they connect—from home or remote offices, in the HQ, or using public Wi-Fi. Even so, many cybersecurity professionals are hesitant to change. With IT transformation taking place, fueled by the cloud and mobility, why do they cling to technologies designed for another era? I believe it can be attributed to two reasons:

Touch and feel – Moving away from appliances means that people have to overcome the preference to touch what they’re paying for and working on. It’s a lot like the music industry—many executives thought customers would always want a physical copy of the music. But as customers discovered they could have more access at a lower price, they overcame their need to touch and feel an album or CD. In a similar way, companies need to overcome their attachment to appliances. Once they do, they’ll realize they can get so much more from an integrated cloud security solution.

Cloud-based infrastructures make security broader, faster, and simpler. To help overcome their reliance on security appliances, companies should run their current technology alongside a cloud-based security service to see the additional protection they get for all users on and off the network, and the increased visibility and reporting. The proof points will speak for themselves and should be able to outweigh the reluctance to let go.

Fear of irrelevance – Many security professionals have spent their careers designing and managing networks. There’s a fear that cloud security will make them redundant and their approach to and deep knowledge of security irrelevant. Instead, they should view cloud-based security as the next step in their career. With cloud security, these professionals will still be defining the security policy based on all of their knowledge and experience. They’ll still be managing the firewall, the sandbox, and DLP solutions, but from a central dashboard. And because all security engines are integrated, they’ll gain insight into what’s actually happening across the network, so they can regain control. At the same time, they’ll see dramatically reduced complexity which, ultimately, will help them do a better job.

I understand why security professionals don’t want to make changes to their existing infrastructure. They have good relationships with vendors, understand the equipment deeply, and see the role it plays in their security portfolio. On top of all that, the fear of making mistakes is high. The problem is that everything is moving to the cloud, and it’s important to take a hard look at the benefits of cloud security.

From a cost perspective, it may be more efficient to move to the cloud or distribute those appliances in different ways. It’s also more effective to refactor the security problem so you solve problems in ways that make it simpler to tame bad actors. You can make the environment easier to manage, leading to better adaptability and making your environment more resilient against new threats. And with expanded capabilities, you can tackle and solve new problems.

Here’s are the questions to ask yourself: what would you do if you could start over from scratch? How would your infrastructure look? Would you continue to route all your traffic through a security gateway before it goes out to the internet and cloud? Would you have mobile users VPN into the network on their way to cloud apps? Or would you let go of the past and deploy a solution that protects all users without compromise, reduces costs and complexity, and enables your organisation to transition securely to the cloud?

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Matt Piercy is VP and General Manager of Zscaler EMEA

form submtited
Thank you for reading

Was this post useful?

dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.