Security as the infrastructure platform of the future
January is a good time to plan. It's the start of a new year and those things that seemed so far away in December are suddenly right around the corner. With the recent holiday season and the end of the Mayan calendar in the rearview and a fresh year ahead, I wanted to write about a trend that I believe is poised to set the tone for not only the next year, but the next several years. It's the next evolution in network architecture and, while the signs have been pointing the industry in this direction for some time, I believe that 2013 could be the year that the industry focus shifts entirely.
In 2013 and beyond, I believe security will replace connectivity as the focus of the network. That secure enablement will be the focus of IT departments. I believe that security devices will merge with and/or replace routers and switches as the infrastructure platform of the future.
The devices have it
The trend towards consumerization is the catalyst for this shift in thinking. We as an industry are very good at providing access. Whether at the airport, coffee shop, or at the office, wireless access has become nearly ubiquitous. Take the modern retail store – every business critical device in the store is moving towards network connectivity – the phones, the cash register, credit card machines, cameras, etc. The problem is no longer connecting to the network – that part is covered – the challenge is securing the devices and data as they come and go on a vast freeway of networks. We as an industry have witnessed the failure of bolting on security device after security device to a network that was designed to provide connectivity. The assumption that connectivity comes first has to change.
The search for the Holy Grail
Security as an enabler is the Holy Grail of security. Most companies want to specify policies that provide security while allowing users to do their job in the most efficient manner. The only way this can occur is for security to evolve beyond a single technology. We as an industry have to stop thinking in terms of firewall, IPS, anti-malware, DLP and other new technologies, and look at security as a platform that protects the business by providing all the traditional components of connectivity and management that have developed into the networks we have today.
Proving the secure infrastructure of the future
This shift from security as an add on to security as the infrastructure requires a new level of management, integration and control from the vendor community. The industry is tied to the concept of devices and technologies and that will take time to change. Look at any modern distributed organization and the security required. It parallels the network environment exactly:
Organizations need the ability to look at the data coming in through their security devices in aggregate to identify breaches and any other problems. They need the ability to quickly distribute new rules and policies.
The vast amounts of data coming in and out of networks must be protected at the edge by physical devices and in the (increasingly) virtual data center.
Branch office or storefront
The branch office or storefront has to combine and secure the data coming from the store devices. The modern office and storefront need to provide other secure infrastructure components such as secure wireless and voice systems.
Finally, the devices coming on the network have to be protected. The data that they access has to comply with corporate policy and rogue networks have to be nullified.
There are vendors already providing the components necessary for this shift to the future, and many organizations are quickly coming to the realization that a platform approach to security is necessary. Organizations evaluating new solutions need to look ahead to the future and do more than just test one feature or function of their security equipment. They need to evaluate whether the vendor can provide the secure infrastructure of the future.