decrypting myths
Why security has yet
to move from beyond
the ‘castle walls’ –
and how to do it
It’s clear that a traditional
perimeter approach to
cybersecurity is no longer
enough to keep criminals away,
particularly at a time when
enterprises are increasingly
embracing cloud infrastructure.
Craig Talbot, VP EMIEA, iboss,
looks at what is needed to
properly move security to the
cloud so that firms can fully
gain the benefits of it, with
employees protected wherever
they may be and whatever
service they are using.
M
ost organisations
have either shifted
core elements
of their IT or will
do so in the near
future. It means
that typically most
of their data is living in multiple different
clouds, versus residing on premise as it
has been in the past.
Because this data is effectively
beyond the ‘castle walls’ of their
network perimeter, organisations are
in something of a state of transition
when it comes to the cloud and their
approach to security. And since users
are no longer restrained to the four walls
of the organisation and can access the
cloud from anywhere it means that in
many cases employees are being held
back from being able to use the cloud
securely and effectively.
Most firms do not use the cloud
to control their security
A stark illustration of how firms have
moved to the cloud, but their security
www.intelligentciso.com
|
Issue 19
hasn’t, is illustrated by the Gartner
statistic that 71% of organisations are
still using on premises appliances. This
is the essential part of the network
that staff must go through in order to
access any connected service. It is
effectively ‘the first line of defence’
governing how employees access the
Internet and protects users and the
companies they work for by filtering out
unwanted malware from Internet traffic
and enforcing corporate and regulatory
policy compliance.
With an appliance ‘stuck’ in a data
centre it effectively negates many of
the benefits of the cloud. Appliances
can only secure users while they work
within the organisation. So, users that
work outside it must send all their traffic
back to the appliances for security and
are effectively routed wherever that may
be in the corporate network and then
out again.
This introduces latency, with potential
virtual journeys (over expensive
bandwidth) of thousands of miles for
each server request. And as the amount
67