Security is made network-agnostic by the cloud, says Nathan Howe, pictured, VP of emerging technology at the cloud services and Zero Trust product company Zscaler.
The changes that a digital transformation brings to enterprises will largely depend on the enterprise goals. Perhaps it is a shift to the cloud, or it is a digitising OT environments. Either way, most digital transformations begin with leveraging the benefits of a cloud ecosystem, then they are accompanied by a far more extensive overhaul. This upheaval also shifts how applications are provisioned, as well as the type of access being granted to workloads, which has the next effect of impacting corporate networks themselves.
For a long time, the centre of the information universe was the data centre, in which all data streams were revolved around the applications stored within it. Likewise, users moved within the company‘s boundaries and the control functions were stored locally in the classic network. Over time, digitalisation and modern working environments have incrementally reduced the relevance of such a hub and spoke model. In a post-2020 environment, there is no longer just one way to access workloads. It also no longer matters where an employee is and through which transmission channels their data flows, as long as seamless and secure access to applications is ensured. Today, the corporate network only plays the role of connective tissue, through which data streams flow on the way to the desired application. Connectivity has thus become network-agnostic.
Control function across all data streams
Security Service Edge (SSE) sums up this basic concept. We no longer need a dedicated physical network, or singular direction or path, but a universal connection to all types of data transmission including the Internet and radio networks, such as via 5G. In reality, most organisations today no longer have one wired network and services are stored simultaneously in private or public environments. A 5G radio network can already be counted among the privately deployed environments, which is kept isolated from the outside world for organisations. Employees are able to use it to access their shared resources on the Internet and/or other networks.
It is crucial for companies that they can also exercise the control, connectivity and security function over all these data streams in network-independent infrastructures. At this point, however, they may begin to run into issues. Security is often too heavily oriented towards well-rehearsed physical and thus literally tangible structures that cannot be reconciled with network-agnostic connectivity. This is where the Security Service Edge comes in. Security must therefore always reach on the way from the user to his/her application, or between applications and workloads – regardless of the one network.
SSE accelerates the adaptation of security
In such modern working environments, security considerations must no longer be dominated by the centrally positioned, physical network. Security must be able to be seamlessly and uniformly adapted to any type of data transmission pathway. Conversely, security must no longer be dominated by the classic corporate network but must apply everywhere in a universal way. Employees require their access to be authorised and secured in every transmission grid, regardless of their place of work. When this status is reached, then a company can rightly speak of network-agnostic security. The user chooses the connection type through which he/she reaches their workloads most securely and performantly. The necessary security controls are provided by the cloud, which can monitor all security filters inline in the data streams.
All this takes into account the Security Service Edge model that controls security for all networks – be they wired, WiFi or wireless networks – via a cloud platform based on the Zero Trust approach. This not only leads to convergence between all networks, but also between IT and OT environments, and means that all modern security requirements of digitised companies are served equally via one universal approach.pictured,
