NC Nov-Dec 2021

More documents

Recommendations

Info

FEATURE: SASE A ROADMAP TO CLOSING THE NETWORK AND SECURITY DIVIDE NETWORK AND SECURITY TEAMS CAN NO LONGER OPERATE AS PARALLEL-BUT-SEPARATE ENTITIES, ACCORDING TO NEIL THACKER, CISO EMEA AT NETSKOPE Cloud-centric digital transformation has allowed network teams to build a workplace that can be anywhere, at any time and at the convenience of employees. This has revolutionised how we work, and made the enforced shift to remote and home working during the pandemic possible. It has also brought challenges, particularly for security teams who still need to identify employees and provision access to the required services in a secure manner. Before the widespread shift to the cloud, a security problem was just that; a problem for the security team to handle. However, increasingly network and security teams are no longer able to operate as parallel-butseparate teams; they have to function seamlessly together if the organisation is to operate safely and effectively. Traditionally both teams could coexist without significant issues but within the cloud, the primary concern of the networking function - performance - is not so easily separated from security's need to protect. The protective perimeter approach is no longer applicable in this new cloud environment. That means, as networking teams look to maximise all of the potential performance benefits from operating in the cloud, they must find a way to balance security's need to secure and control who has access to corporate data without negatively impacting performance. Most teams know they need to play well together and see the need for a change in attitudes and closer collaboration. Companies are exploring ways to converge efforts, personnel and budgets by adopting a SASE (Secure Access Service Edge) architecture as a way to ensure neither performance nor protection is deprioritised. If early transitions to the cloud were complex, this next step will be no less challenging. My job is to support CIOs, security leads and networking teams to make these necessary changes and I advise starting with three steps. Firstly, establish some shared parameters and metrics for success. By agreeing on a common set of parameters for digital risk, network performance, and user experience, network and security teams can ensure that everyone is working towards a common goal with no conflicting priorities. Once that is done, every activity or change can be measured and evaluated against those agreed goals. Each team must be equally 12 NETWORKcomputing NOVEMBER/DECEMBER 2021 @NCMagAndAwards WWW.NETWORKCOMPUTING.CO.UK
FEATURE: SASE responsible for each of the metrics. This can feel like a big cultural change but establishing this at the beginning means no procurement decision is taken, or architectural ideology pursued, that would negatively impact upon an agreed KPI. These parameters enable teams to enter purchasing processes with clear red lines for all parties, meaning you can pass any potential sources of internal conflict onto the vendor pitching their technology solution. Secondly, it's vital to make sure that there is good visibility of performance on an ongoing basis. Understanding how data is used has always been a driver of improved performance both for interfiling potential optimisations and removing roadblocks. The benefits of the cloud do not need to be at the expense of visibility over what data is being used - by whom, when, and in what ways. Security professionals often find themselves uncomfortable if performance, cost and usability advantage are prioritised over risk management. With ever more threats now focused on exploiting vulnerabilities in accessing the cloud, a lack of visibility is no longer something businesses can afford to tolerate. SASE allows businesses to secure data wherever it resides or travels (inside or outside of corporate infrastructure). Network and security teams should use the insights delivered by a mature SASE platform to reveal the reality of business activity and processes, and identify opportunities to improve performance or implement policies that secure vulnerabilities. Constant visibility over activity enables continuous learning about the ways in which the business is operating, and understanding of end-user actions, behaviours and processes, and so will help manage digital risk as well as identifying potential improvements in performance. Once you have established shared parameters and created a system that gives you good insight into performance, the third step is to develop a coordinated strategy to combat emerging threats. With these structures in place, network and security teams can get ahead of threats and develop clear business, network, and security procedures that fall within a set risk tolerance. Just as improved visibility can allow network professionals to use the latest threat intelligence to design a more robust and appropriate access infrastructure, the set parameters also prevent security professionals from designing architectures that result in an unacceptable drop in performance. Adopting SASE architecture forces network and security teams to embrace a shared strategy, recognising that collaboration from the outset is the only way to meet both teams' objectives. One lasting effect of Covid-19 will be the mass adoption of a work-from-anywhere approach. It is clear that employees like being able to work at a time and place that works best for them, using the devices they choose, and accessing the applications that they determine best support productivity. Networking and security teams are therefore having to rethink their 'business-as-usual' infrastructure as a result of these new working approaches, and If we do not identify and respond to them then we fail in our core responsibility to facilitate and support business operations. But this change cannot mean compromising the security of corporate data. To summarise, when working with the cloud, networking and security teams have parallel goals and must collaborate to build an enabling infrastructure that both protects and shares the essential data that enables long term business growth. NC WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards NOVEMBER/DECEMBER 2021 NETWORKcomputing 13
Page 1: NETWORKcomputing I N F O R M A T I
Page 4: CONTENTS CONTENTS N O V E M B E R /
Page 7 and 8: INDUSTRY NEWS With support for WPA3
Page 9 and 10: OPINION CREATING BEST-CASE OUTCOMES
Page 11: NETWORKcomputing We introduced the
Page 15 and 16: FEATURE: SASE CUTTING THROUGH THE N
Page 17 and 18: SECURITY UPDATE cost without reduci
Page 19 and 20: SECURITY UPDATE A ZERO-TRUST FUTURE
Page 21 and 22: OPINION: IoT and achieve the most v
Page 23 and 24: OPINION: PAAS Yet just as NaaS solv
Page 25 and 26: CASE STUDY ensured electrical effic
Page 27 and 28: AWARDS 2021 SPONSORED BY Photo gall
Page 29 and 30: AWARDS 2021 TELEPHONY PRODUCT OF TH
Page 31 and 32: AWARDS 2021 SALES ENABLEMENT SOLUTI
Page 33 and 34: AWARDS 2021 THE CUSTOMER SERVICE AW

NC Nov-Dec 2021

Create successful ePaper yourself

Delete template?

Save as template?