During the 1990s, organizations spent a lot of time and effort developing a hub-and-spoke network model, with the data center placed in the middle and a sharply defined and heavily secured perimeter established around the edge. While innovative at the time, this approach isolated departments, lines of business, and regional offices -- especially once they began to adopt their own networking and security technologies to meet their unique needs and requirements. As a result, the systems engineers and security professionals who ultimately had to manage these organically developed network hubs were functionally blind when it came to tracking data and resources or discovering and responding to threats.
The IT teams eventually tasked with taking back and centralizing network management and security in the 2000s found they had to integrate incompatible systems, sort through and fire dozens of competing vendors, and deal with local teams who were resistant to giving up their home-grown networks. Even worse, by this time many of these isolated content and technology silos had been tied to critical business processes, making transitioning to a centralized IT model not only time-consuming and frustrating, but also very expensive.
We are about to do this all over again -- in the cloud
Given the challenge of addressing those siloed networks and data in the past, you would think that organizations would be approaching the adoption of cloud-based networks and services today with a well-thought-out plan in place. But that’s not the way it has been happening. The reality is that any department or individual with a credit card and an idea can purchase their own cloud service. As a result, companies surveying their cloud footprint often discover dozens or even hundreds of unauthorized and poorly secured cloud solutions in place, ranging from something as simple (and potentially dangerous) as storing corporate or customer data in a cloud app to entire cloud network infrastructures managing data and workflows.
This is understandable. In the new digital marketplace, consumers are demanding better and faster access to data and transactions, while an exponentially growing number of IoT devices are generating data at an unprecedented rate. As a result, information volumes are exploding and limited IT resources are struggling to keep up. At the same time, however, lines of business are under increasing pressure to process transactions, manage workflows, and store content in the most efficient way possible. The result is an unplanned return to technology and information silos.
But it’s not just rogue individuals and departments doing this. IT itself is responsible for much of it. Today’s organizations are increasingly deploying complex cloud architectures composed of multiple private and public cloud environments. But rather than following an integrated script, much of this is being done on a per-project basis, with issues like security -- including visibility, management and orchestration, and controls such as intelligence correlation and threat response -- addressed after the fact. That's part of the reason security professionals reported a 300% increase in attacks on cloud services in 2017.
Three things you can do
You can’t protect what you can’t see or control, which are the exact problems that a siloed network creates. Given the growth and severity of cloud-focused attacks, and the potential impact of any disruption to your digital business model, it is critical that you get out ahead of this challenge. Here are three things you need to consider when adopting or expanding your cloud architecture:
Build a plan and get stakeholder buy-in. Every stakeholder in your organization needs to understand the risks of an unstructured approach to cloud adoption. Every aspect of digital transformation, especially the cloud, needs to be part of an integrated plan that everyone has contributed to, understands, and supports. This will go a long way towards preventing individuals or departments from building their own shadow IT solutions and introducing new and unknown risk.
Create an environment of yes. Underneath every unwelcome and unknown addition to your cloud footprint is a business need that isn’t being met. One of the biggest reasons teams adopt their own networking, storage, or application solutions is that they don’t feel their needs are understood by IT. The more rigid your approach and the more restrictive your response to requests, the more likely you are to have critical data and resources stored and processed in unapproved places. Listening and responding to requests will go a long way towards solving your shadow IT challenge.
Use and demand open standards. Data necessarily flows across and between network ecosystems. However, trying to enable this by connecting and integrating isolated legacy technologies can overwhelm limited IT resources. Security devices need to operate on open standards and common operating systems so that they can track data traffic and resources across different network ecosystems, centrally orchestrate and manage security policies, correlate intelligence collected from every corner of the distributed network, and automatically coordinate a unified response to any detected threat at digital speeds, from the core to the cloud.
Network silos are the enemy of effective security. Unfortunately, having confronted that problem nearly two decades ago, we are now on the verge of having to fight the same battle once again in the cloud. Ironically, the root of the problem is almost identical to the first time we had to deal with it -- unstructured and unplanned network development and the creeping growth of an accidental network and security architecture. Only this time, cybercriminals are armed with more sophisticated tools designed to take better advantage of the gaps this approach creates, and to cause more damage than ever before. At the same time, with the growth of the new digital economy, more is at stake. As IT professionals, it is critical that we get out ahead of this problem before it overwhelms our resources and puts our digital businesses at risk.
About the author: John Maddison has more than 20 years of experience in the telecommunications, IT infrastructure, and security industries. Previously he held positions as general manager, data center division, and senior vice president, core technology, at Trend Micro. Before that, John was senior director of product management at Lucent Technologies. He has lived and worked in Europe, Asia, and the United States. John graduated with a bachelor of telecommunications engineering degree from Plymouth University, United Kingdom.