The performance and security needs of corporate networks have evolved greatly in recent years, driven by changing business and economic demands, different patterns of working and a continuous stream of new technologies. In this environment of ‘business 2.0’, the network is the organisation’s vital beating heart, a strategic business tool used by companies to drive significant competitive advantage. But this central role also brings management, risk and security challenges.
From privilege to prerequisite
Easy access to corporate networks has become an expected right for employees. Capturing the resulting business benefits – whether it’s faster, better decision- making or higher employee productivity – is IT management’s enduring challenge. Network security considerations have also proliferated. Today’s industry talk is of the ‘dynamic perimeter’, in which applications and data are location-independent, and where information fl ows securely across unconventional network boundaries with no distinction between internal and remote users. This new environment creates new data security issues including:
- managing, controlling and securing access to high volumes of fast-moving, sensitive, de- centralised corporate data;
- defining and achieving the right balance between security and speed;
- ensuring business units and the extended enterprise of suppliers and business partners meet corporate (or industry) compliance standards; and
- mitigating against threats from the malware of increasingly organised and sophisticated criminals.
How networks are changing in response
How are companies meeting these increasing demands on their networks? One increasingly common approach is through server virtualisation, which offers many advantages including being more efficient and environmentally friendly. Cost and carbon-saving benefits are partly behind the emergence of network security consolidation combined with Unified Threat Management appliances. This removes complexity from IT systems, allowing greater visibility for decision making through simplified reporting and is an easy-to-deploy, low-cost solution.
Some organisations are going further still as part of wider ‘lean computing’ initiatives. They are drawn to the inherently more flexible, low up-front investment and pay-per-use models permitted by cloud computing and Software as a Service providers. These allow companies to abandonthe high initial capital expense and lock-in of owning IT assets outright. Others are sending resource-intensive IT tasks such as data backup to ‘the cloud’. Deployed in unison, virtualisation, cloud computing, consolidation and convergence allow corporate networks to be designed, operated and managed in a completely different way.
Implications for security
In the new, dynamic network architecture, remote corporate sites, customer sites and outsourcing partners all reside outside the traditional security perimeter, as do employees’ mobile and wireless devices. The distinction between the internal and external network user has disappeared. A further development is the concept of deploying enterprise-level network security and connectivity rapidly, as and when needed; the ‘virtual perimeter’. Both mean increased likelihood of security breaches.
Other security issues for resellers to be aware of have been caused by the economic downturn. Rising numbers of employee lay-offsrequire extra levels of vigilance against the potentially destructive actions of disgruntled employees. Also, reduced headcounts have spawned a rise in short-term contractor and outsourcing use. Both require higher levels of data monitoring and preservation, plus the ability to rapidly deliver connectivity, security and data backup and recovery. All this needs to be accomplished at a time when cybercrime continues top proliferate.
Organisations can quickly find themselves under targeted attacks. Proactive, multi-layer security strategies must be implemented in order to provide the highest level of protection.