By Ken Xie
As global workplace shutdowns in response to the pandemic created an immediate need for work-from-home (WFH) solutions, network and security teams—already struggling to support digital innovation efforts and introduce network devices and edges—suddenly had to create effective and secure ways for employees and stakeholders to connect and communicate.
Very few organizations were prepared for this rapid inversion of the network. Everyone who traditionally worked from inside the network was now suddenly outside, and they needed reliable and secure access to network resources, cloud-based applications, and collaboration tools to maintain productivity. Given the chaos in the early days of the pandemic, networking and security workarounds were common.
But many of those workarounds won’t get us much farther: 5G, application-based business models, the proliferation of smart devices, and expanding network edges were all fundamentally reshaping the network long before the pandemic.
When WFH policies suddenly became necessary, the number of access points across the network simply exploded—not only overwhelming already overtaxed IT teams but also triggering the multiple layers of convergence that security experts had long been anticipating.
In this new environment, it became essential for devices, users, network functions, and security to work together so every user and every device on every edge and in every location had the same experience. Everyone working from home on a personal device became a “branch of one,” with all the needs of any branch office, including secure and reliable access back to the network and out to the cloud, and ubiquitous interconnectivity across the entire remote workforce.
Risky Workarounds
As these networks became even more dynamic, they could no longer be operated and protected using outdated, rigid, and siloed networking and security. Legacy security infrastructures built from siloed tools from dozens of vendors do not interoperate, limit visibility and control, and cannot meet performance demands.
And most home networks were in no shape to become part of the extended corporate network. Relying on virtual private networks (VPNs) alone to protect critical workflows, applications, and data was like setting out a welcome mat for cybercriminals, who were quick to target aging, unsecured devices attached to home networks and hijack VPN tunnels as a backdoor into the network. Ransomware attacks increased sevenfold during the last half of 2020.
The connectivity workarounds are unraveling. They were never designed to support expanding network edges, hyperconnectivity, and application-based business models whose users demand more intuitive and personalized tools to meet the demands of tech-savvy consumers. As a result, critical infrastructure and supply-chain compromises fill our news cycles.
Long-Term Work Strategy
Forward-thinking business leaders are investing in new converged technologies. Advanced solutions that blend connectivity and security into a single solution—like software-defined wide-area networking (SD-WAN), secure access service edge (SASE), zero trust access (ZTA), and zero trust network access (ZTNA)—protect hybrid networks by extending enterprise-grade network connectivity and security functions to the home office.
This is essential for ensuring a temporary WFH policy becomes a long-term strategy for running a digital business. Making the right investments requires thinking about security and networking as a converged solution, a security-defined network approach, rather than as discrete elements.
A network built around multiple edges is all about hyperperformance, interoperability, and hyperconnectivity. These dynamic and flexible networks span multiple environments—local area networks (LANs), wide area networks (WANs), multi-cloud, branch, and home office. And they are simply impossible to secure using traditional thinking and legacy technologies.
To maintain the business outcome and end-user experiences companies need to compete in the digital marketplace, network, security, and computer systems must work together seamlessly. Weaving security and network functionality into a unified solution is the only way to effectively close the visibility, automation, and control gaps that such volatile environments create.
A Culture of Convergence
But the process of integrating security and networking is not just a technology issue. First and foremost, it’s a cultural issue.
To embrace and achieve convergence, organizations must remove silos so teams that develop cloud solutions, run desktop services, deploy and manage IT, and oversee security can converge. Security, in particular, must be incorporated consistently across every network edge; networks are less secure when security solutions—and teams—are siloed.
Converging infrastructure and security allows an organization to apply consistent protection at any edge, enabling all security elements to see, communicate, and work together as a single integrated framework.
Security-driven networking—the strategy that converges networking and security across the connected environment into a unified solution—enables organizations to effectively see and defend highly dynamic environments while preserving user experience for employees and customers.
With security and network functions seamlessly integrated at the core, networks can scale and adapt to digital innovations with ease and at levels that support the next generation of computing, including hyperscale, multi-cloud, 5G, and other innovations just around the corner.
This pandemic will not be the last, and it might not even be the most severe crisis businesses face. But the most effective response to the disruption of 2020 is to replace workarounds with a new strategy for constructing and securing networks to thrive amid the inevitable challenges, innovations, and crises ahead.
Read more about the latest cybersecurity threats and trends at the CISO Collective, and subscribe to stay informed.
Ken Xie is Founder, Chairman of the Board, and Chief Executive Officer (CEO) of Fortinet.