Following a whirlwind of employees adopting cloud-based applications and social media platforms in the workplace, it has brought mobility to the top of the agenda for IT. The accessibility of networks means business now happens any time at any given place, establishing an era of the ‘Everywhere Enterprise’.
It is evident that there is no longer a set perimeter as mobile devices can connect to 4G networks (soon to be 5G) rolled out in every major city with ease. To put into perspective, we can even check our emails 200 feet below the surface on the London Underground platforms with public Wi-Fi networks.
IT struggles to keep up with monitoring such a diverse range of network access points
While this workplace shift creates the benefits of increased agility and productivity it is creating a number of security concerns. IT struggles to keep up with monitoring such a diverse range of network access points. It is inevitably losing control with the employee now pulling the strings. As a result, the organisation is at risk of cyber security threats coming in from all directions.
Along with the evolution of working practices, threats too have developed from viruses to more sophisticated multi-faceted attacks. These attacks are targeting both the user and the device they operate from and mobility has made it even easier to breach corporate security measures. Looking at securing users beyond the company walls means moving away from the traditional focus on perimeter defence.
[easy-tweet tweet=”CISOs require a new approach to security in the age of the everywhere enterprise” user=”zscaler and @comparethecloud” usehashtags=”no”]
In this new age of progressive IT, CISOs require a new approach to security; one that provides consistent policy, protection and visibility to all user and devices irrespective of location.
Challenging traditional security
The 1990’s idea of using security appliances installed in a data centre to protect employees who are on their laptops sitting in cafés and working via the cloud, no longer makes sense.
Not only are security appliances tied to legacy location concepts, dictating limitations to the business rather than enabling it, they tend to be built for one security function only. This creates an explosion of new appliances in the data centre to keep up with each new threat, all of which must be individually purchased, installed, maintained and updated.
[easy-tweet tweet=”1990s approaches to IT security don’t work anymore” user=”zscaler and @comparethecloud” usehashtags=”no”]
Appliances also lack the pace to counter evolving threats and fail to meet the architectural flexibility to accommodate new enterprise technology. As a result businesses are operating on outdated security models that don’t provide enough visibility to enable security executives to maintain control.
As such, the traditional ‘block vs. allow’ strategy is no longer fit for purpose in today’s ‘Everywhere Enterprise’. As the working environment evolves, organisations require a shift to a ‘manage and monitor’ approach. After all, prohibiting access to Internet resources will only encourage users to bypass security controls.
Bridging the cloud gap
However, while the return on investment of the cloud solutions has been well documented, the trend towards using them for security purposes has been treated with trepidation. That’s due to the perceived risks that have been driven by ill-equipped security appliances featuring in the majority of workplace architectures today.
As cloud applications become more widely accepted and deployed however, CISOs are starting to see the competitive advantages of cloud computing in terms of flexibility, agility and competitive advantage. Why pay for capital investments and the resources to manage them when you could redeploy the money for strategic projects?
New technologies and processes can deliver enormous gains in productivity and efficiency to drive business metrics like revenue generation and customer satisfaction. And that’s not the only critical advantage. Cloud solutions are integral to helping businesses realise advanced security capabilities – most importantly, better visibility.
[easy-tweet tweet=”Corporate network omnipotence is no longer a ‘nice to have’, it’s a business imperative” user=”zscaler” hashtags=”IT”]
In today’s complex IT environments, the ability to see how every user, device and application is accessing the corporate network is no longer a ‘nice to have’, it’s a business imperative. The next generation of enterprise security is about the Direct-to-Cloud Network approach. This is much more than blocking threats. It will support critical security protection by enabling IT to take back control.
Shifting power to the CISO
The proliferation of mobile and cloud technologies has shifted the centre of gravity toward the user.
Moving security to the cloud shifts the balance of power back in favour of the CISO. It allows companies to embrace innovation securely, while providing the visibility and controls needed to ensure compliance with corporate policies. It also helps executives to regain control of the enterprise’s digital assets and user activity, whether located internally or externally on the internet, so they can spot potential threats before they escalate.
The challenge for today’s CISOs is shifting focus from basic infrastructure projects to more strategic initiatives. Moving security to the cloud is an example of this type of transformational process. It provides business agility, reduced costs and more importantly, it enables CISOs to use security capabilities as a business enabler.
protection is no longer enough, prevention is now key
Many CISOs are beginning to act on the principle that protection is no longer enough, prevention is now key. Forward thinking executives will be investing in cloud-based security to facilitate initiatives in light of this new reality.