Security matters when the network is the internet

2021-08-09 06:00

In the past, network security was too often viewed as a separate issue to the design of the network itself, which led to solutions being either poorly thought out or hastily cobbled together at the end of the project as an afterthought.

As more workloads and key data assets move to the cloud, and work from home becomes a more common reality, the private network has become more of a security overlay on the public internet than a separate entity, putting security front and center in the "Future / modernized network" discussion.

Customers are now less inclined to start a network upgrade negotiation focusing only on resilience, latency, or uptime, and are more prone to include the security ask.

The old concept of the network perimeter tended to assume that if users are on the same private network as data and applications, you need fewer security controls.

Watch your user traffic, ringfence your data and applications, extend your security policies to the cloud, and don't feel that you must utilize the same security solutions for both inbound and outbound threats - the type of protection and policy required could be very different, so needs to be managed in a different way.

While segmentation of the network is possible in the cloud, it is often better done onsite, so a sensible demarcation between what enforcement happens on site and what happens in the cloud is essential - it's rare that an all-cloud or an all-CPE approach works, security solutions tend to mirror the data and applications they are protecting and embrace a hybrid approach.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/oGiCA9-TTF8/

#internet #security