This is a guest post for the Computer Weekly Developer Network written by William Collins in his capacity as principal cloud architect at Alkira – a company known for its ‘connect everything’ cloud networking technology competencies.
Collins’ original title for this piece in full reads – Everything, everywhere, all at once: How to Connect, Secure and Oversee Today’s Complex IT Environment.
Collins writes as follows…
The last few years have been a particularly unpredictable time for businesses, which has led to a world where apps and services are everywhere – internally, at the edge… and in the cloud – and the people accessing those apps and services – employees and contractors – are everywhere as well. According to a report by Zippia published this year, some 74% of U.S. companies are using or plan to implement a permanent hybrid work model, meaning this is a trend that won’t be going away anytime soon.
While many employees will rejoice about this work flexibility – we know that IT, networking and security professionals are bracing for the possibility of many more sleepless nights as they try to keep their organisations up and running and secure. In this new, chaotic world that truly is everything, everywhere, all at once, how do you connect, secure and monitor all these distinct areas and moving parts?
Before we answer this question, we’ll need to back up and understand how we got here in the first place.
The rise of SaaS
Software–as–a–Service (SaaS) applications became popular in the late 90s and early 2000s, largely due to the decreasing cost of cloud computing, the availability of high-speed Internet and the increasing demand for enterprise mobility. Given these factors, it’s no wonder the SaaS market has continued to grow rapidly. In fact, according to market projections from The Insight Partners, the global SaaS market size is expected to grow from $167.53 billion in 2022 to $462.94 billion by 2028. It’s also anticipated to grow at a CAGR (Compound Annual Growth Rate) of 18.5% from 2022 to 2028.
While the cost savings, scalability and agility are attractive byproducts of SaaS applications, they do also present several challenges for IT, networking and security professionals.
Firstly, SaaS providers mainly host applications and data in the cloud, giving customers less control over security and policies, which makes it tougher to investigate and respond to security incidents. Secondly, access management is complicated to manage and enforce, leading to unauthorised access to data. Additionally, SaaS applications often integrate with other third-party applications and services, which can introduce new network and security risks. Furthermore, it can be challenging to get visibility into the inner workings of SaaS applications, which makes it difficult to identify and mitigate network and security risks.
Combine these challenges with the fact that employees are now accessing networks, applications and services from anywhere in the world and you have a never-ending storm of data and information constantly traveling back and forth through a seemingly infinite number of paths. While it’s tempting to add the latest SaaS application to your technology stack to solve all your problems, it’s important to first examine the foundational aspects of your IT infrastructure – your network and security – to determine if there are any underlying issues that need to be addressed
Networks of tomorrow
Modern businesses are evolving more quickly than ever before to meet consumer demands, and thus, their networks are constantly evolving as well. However, just because a network evolves, it doesn’t mean that it’s necessarily improving over time. If you build on a rotting foundation, short-term gains will create long-term issues.
Here are some key considerations to ensure your network can effectively support your organiation moving forward.
In today’s ever–changing world, it’s paramount that your network can easily scale up and down to meet changing business needs. Many businesses have “peak seasons” where traffic increases and they require more resources to deliver a smooth customer experience. The ability to easily scale up during busy periods and scale down during quieter periods is vital for maximising your return on investment.
Due to rapid advancements in network infrastructure, networks that are rigid and offer limited flexibility are quickly falling out of favour with enterprises. This is one of the reasons why we’re seeing more enterprises moving to multi-cloud and hybrid cloud deployments, which offer the flexibility to easily stitch together a best-of-breed approach based on needs.
With the way networks are expanding, both in terms of information load and surface area, it’s impossible to understand what’s happening in the system without proper observability. Given increasing demands, distributed physical networks are becoming much tougher to monitor and get a handle on.
Centralised networks, as well as virtualized and cloud-based networks, are more observability-friendly because they can provide a holistic view, including all the data and devices in the network, at any given time. When you’re able to understand how everything works together, you can make changes to your network and identify the root cause of problems much more easily.
With more devices, more traffic and more connections happening on networks today, network outages and disruptions are more common than they were just five years ago, with no signs of this trend slowing down. Therefore, the most reliable networks are the ones that are resilient and can withstand the unforeseen issues that are bound to pop up from time to time.
When it comes to cloud networking, having a diverse, multi-cloud approach is much more effective than putting all your assets in one cloud or even multiple clouds from the same provider. If anything does happen to one of the major cloud providers, having others to fall back on can make a significant difference for a business, both financially and reputationally.
Cybersecurity continues to be a headache for organisations as cybercriminals get smarter, have more tools at their disposal and have a wider attack surface to exploit. Though avoiding a data breach or ransomware attack altogether is unlikely these days, being able to spot these attacks early and resolve them quickly is possible.
Here are three characteristics to look for to improve network security:
If you can’t easily see what’s happening on your network, you’ll always be a step behind cybercriminals. Employees, too, can cause damage to your organisation if they’re accessing or sharing information they’re not supposed to.
No matter where the issue is coming from, having visibility is paramount to identifying threats, investigating incidents and addressing issues swiftly. There are multiple network monitoring tools and SIEM (Security Information and Event Management) systems, which are designed to collect and store data on network traffic, devices and users. This data is critical to improving visibility and identifying threats in your network.
Verifying the identity of a user or device that’s trying to access the network may seem straightforward, but like other aspects of cybersecurity, criminals have become adept at pilfering sensitive information and blending in like they’re one of your employees. This is why more businesses are turning to solutions with rigorous authentication processes that lower the likelihood of unauthorised users or devices gaining access to the network.
While logging your credentials several times to access one file may seem overkill, it can make a substantial difference in keeping that information secure. Furthermore, the use of biometrics is becoming a more popular method for authentication as it’s harder than a password for criminals to replicate and it’s easier for users to confirm their identities.
Of course, the use of biometrics does come with privacy concerns, so it’s important that it’s handled with proper care and caution before rolling the option out to employees.
With the speed at which everything is moving, relying on humans alone to spot, verify and resolve all cybersecurity issues is unsustainable. This is where automation tools, underpinned by artificial intelligence and machine learning, can play a vital role in your cyber defence.
With the right automation tools, you can improve network security in several ways, including threat detection, incident response, vulnerability scanning and patch management. As these technologies get smarter, they will continue to get better at automating repetitive tasks that are time-consuming and error prone. However, trusting these technologies blindly, without human oversight, is not recommended.
IT, networking and security professionals will continue to have their hands full for the foreseeable future, but there is light at the end of the tunnel. The traditional network is forever changing in favour of flexible, cloud-based and virtual networks that can shift quickly and easily to meet the never-ending needs of today’s businesses and consumers.
To truly maximise this opportunity, business leaders must first examine their plumbing – their network and security infrastructure – to ensure it’s designed to support this new world that is constantly in flux and under attack. Getting the right foundational pieces in place will not only delight customers, but it will also make networking and security more manageable and more effective.