Traversing Data Challenges
Riyaz Tambe, Solutions Architect, Borderless Networks, Cisco India and SAARC
The corporate computing environment is rapidly evolving in response to the consumerization of IT, mobility and technologies like virtualization. Demarcation of the network border has blurred as users become increasingly mobile and connect to the corporate network from various locations. Applications are virtualized and move between servers or even data centers. Instead of safely resting in the data center, data is travelling on smartphones and tablet PCs, beyond IT reach.
Given the above, organizations need to find a way to protect corporate assets while enabling businesses to realize the value of a borderless world. Security today is more about protecting data in transit and organizations need to consider how data travels while devising their security policies, so as to provide a seamless user experience.
In order to secure information which is spread across the network and the data center, organizations need, and use, a vast array of authentication techniques and authorization methods. Authentication also helps manage the varied lot of end devices sitting out of IT reach. Depending on the information users want and their mode of connectivity, different devices require different access methods and security controls.
As the corporate network perimeter continues to expand, businesses need to deal with audit requirements as well: they have to prove that they have the requisite controls in place and that those are working. This means organizations need to adopt a holistic approach and seek architectures that help to overcome challenges of data security and issues that permeate consolidation efforts.
Consider this IT organization where more and more employees have begun integrating consumer devices into their workflow by bringing smartphones and tablets into office networks without explicit approval of their IT department. Employees here are creating a high demand for immediate provisioning of their personal devices to allow for personalized experiences, access from anywhere, access to their personal applications, and access to the secure corporate applications provided by the organization.
While mobile access to data and an enhanced ability to communicate have helped provide meaningful improvement to business, they have created new challenges for the IT department. With up to three devices per person on average, there is an increased demand for seamless access no matter which device is used or where it is connecting. And that connection needs to be fast enough to run applications effectively and reliably so that it can support access to real-time information.
Given the above, the IT department was on the lookout for a solution that would help secure both organization-owned and personal devices, with policy enforcement to protect corporate data. The solution had to help scale up infrastructure to meet the growing number of devices per user and deliver an optimal user experience to drive productivity. Additionally, it had to support new apps, both voice and video, from any device, simplify management and lower operational costs.
The company decided to revamp its network infrastructure and incorporate a network foundation that enabled reliable, seamless, and secure data exchange and communications. Wireless technologies and BYOD solutions empowered IT to go beyond simply connecting user-owned devices, to scaling the experience of many users with multiple devices, anytime, anywhere, for a robust healthcare environment.
They delivered a unified security policy across the entire organization, providing an optimized and managed experience for many types of users with diverse device and security requirements. The result is a superior user and IT experience, without sacrificing security, visibility, and control.
Similarly, consider this educational institution, which wanted to deliver a tailored experience for students and faculty who were increasingly requesting access to wireless networks on a wide array of personal mobile devices, transforming the "bring your own device" (BYOD) trend from an emerging phenomenon to the norm. A large portion of the population brought their own personal devices to the campus to enable anytime, anywhere learning; wireless access on any device is a crucial business requirement.
Given the above, the authorities decided to implement an end-to-end Unified Access solution to support the growing need for wireless connectivity. Several hundred users were on campus at the time, and wireless access was concentrated in hot spots such as common areas, where students and faculty gathered most. As demand for wireless began climbing into the thousands of users and personal devices continued to proliferate, the college decided to advance to a next-generation wireless implementation, to provide a reliable, easy-to-manage solution which delivered exceptional value to students and staff.
The upgraded borderless network allows the university to connect anyone (student, faculty, or guest) to any device or service, virtually anywhere on or nearby campus, at any time. Connectivity can be provided securely, reliably, and with excellent performance and manageability. Now, students and faculty can collaborate with ease, working anywhere, anytime on campus, without even thinking about wireless connectivity, which is available transparently wherever they need it.
Adopting a holistic approach
As the IT landscape rapidly changes, enterprises and IT providers need to develop strategies that address cost reduction pressures, employee empowerment, increased concerns for data security and focus on time to market. Next-generation network solutions that take into account tomorrow's technologies and come with integrated security capabilities for proactive protection against targeted, complex threats are sought after.
To facilitate the safe adoption of "bring your own device" policies and address security concerns related to technologies like virtualization and cloud computing, integrated solutions that support trends around mobility and provide investment protection need to be developed. Solution architectures, for example Cisco Secure X, that provide security across the network, from headquarters to branch offices, for in-house employees and workers on wired, wireless or VPN devices, are a good option.
Solutions that create, distribute and monitor security access policies based on a contextual language, such as who, what, where, when and how, are beneficial to businesses. Enforcement can include actions such as blocking access to data or devices, or initiating data encryption. Architectures that span from the endpoint to the cloud and provide policy/control at every hop in the network enable provision of better security. Along with centralized management and integrated tools for troubleshooting, they help businesses meet compliance objectives with greater operational efficiency and control. This provides a manageable, compliant infrastructure critical to taking full advantage of virtualized, consolidated data centers.
As the network perimeter becomes increasingly porous and malware continues to spread, solutions that provide Virtual Private Network (VPN), firewall and Intrusion Prevention System (IPS) with high performance and scalability help control network traffic in and out of data centers. Content security solutions with on-premise, cloud-based, or hybrid security services help protect networks and data centers against known and zero-day malware outbreaks.
Architecture solutions like secure, multi-tenant, virtual IT-as-a-service help businesses benefit from the transparency of the virtual environment because they "look and feel" the same as a traditional, all-physical topology. From an end customer viewpoint, each system is still securely separate with its own network and storage, in some cases much more than in a traditional environment. When a business unit needs more servers, it can send an order to the IT team to "fire off" a few more virtual machines in the existing environment, instead of ordering new physical equipment. This helps to increase security and efficiency of the infrastructure while also bringing down costs considerably.
Benefits of integrated solutions
Integrated solutions help organizations easily manage the security risks of borderless work environments and enable users to access the network with their device of choice. Users can also securely utilize the applications and information needed to do their jobs. Such solutions ensure that security policy enforcement is context-aware, comprehensive, and preemptive while connectivity is intelligent, simple, and always on.
Being highly secure, available, efficient and flexible, integrated solutions help organizations address IT requirements and policies, meet the demands of high utilization, and dynamically respond to change. In the long run, achieving these goals will have a profound, positive impact on profitability, productivity and quality of business.