Archive | January 2020

Enterprise Networks – “Make IT and business WORK”

Last week we talked about security however this week we will discuss networking and connectivity.

Time for the basics – why do we have networks? Networks only exist to facilitate engagement, communication, creation and sharing, points often forgotten in the midst of features and endless buzz words. By holding onto those key points summarising the purpose and drivers for network existence, at the heart of all discussions and chunking the conversation up, the reason (s) for network need or change is exposed. It may be a user need, an application requirement, a service orientated outcome, but without doubt the outcome “isn’t the network” – the driver of the networking need is the main story.

It’s time to overtly challenge all enterprise networking discussions – “Why does this network exist, what are the user / applications that drive the need for this network, what user or application measures validate network activities and so on”? It’s time to hold the network to account and unlock the business value of a secure connected enterprise.

In keeping with last week’s security summary, this outline will focus on three networking aligned areas of “interest” for 2020 (without doubt there are many more).  No predictions, purely areas that may stimulate valuable discussion and ideally actions.

Secure networking – secure connected outcomes.

It’s important that we link security and networking together at all times with no discussions about networking in isolation. Its time to intentionally switch all conversations to signpost secure networking or secure connectivity. The addition of the single word secure will change the mindset of all concerned and ensure the only outcome validated as successful is a secure one. Networks are the technological digital transport umbilical cord of the digital age therefore inherent security is fundamental to ensure successful, connected digital outcomes.

See all – secure all.

Next up, visibility is the hidden jewel within networks but only if explicitly leveraged for the value it delivers. Networks as the digital transport in the midst of all digital transactions see all of the traffic they transport and connect. By utilising data packet by packet “see all” capability within enterprise networks with end to end visibility from user, though system, through application, though cloud and back, networks are as powerful as security control layers as they are digital data transport layers. Its time to exploit the network as one of the best digital security sensors available.

Optimum operations – time for NetDevOps.

And finally network operations MUST change. I write with no ambiguity when positioning the importance of network operational change now, to unlock tomorrows benefits, today. There is no digitisation without secure network connectivity, no digital user experience, no world of “smart” technology and human engagement – nothing.

Networks must not only understand the language of applications, they must proactively and consistently “enable” applications to deliver user & business outcomes. Network automation isn’t the story, it’s a component of a bigger story of applications, operations and network technology working in perfect harmony.

The changing face of network operations must result in enhanced platform efficiency, operational consistency and network automation bound into the application and software development life cycle. Without an intentional business and cultural shift to leverage the network intentionally and proactively beyond digital data transport, business agility, user experience and application value may be compromised.

Start now – change now

Enterprise networks have become a victim of their own reliability, performance and effectiveness. Networks are often invisible as technology entities, however complaints appear in an instant when problems or network failure occurs but with little said during times of “normal”. Networks are expected to “just be there”, “always on” delivering optimum reliability and performance for both known and unknown requirements. This is a tough ask, however by using the network as a security control layer, proactively using the network for optimum levels of end to end visibility and accelerating the evolution of network operations, the enterprise network will act as a springboard to every good in the digital age. That’s got to be worth it.

Until next time

Colin W

Twitter: @colinwccuk

Business Line CTO UK (Networking & Security)

Security 2020 – “Intentional Security to accelerate digital business success”

Email inboxes around the globe are filled though January with a flurry of IT market and technology predictions. I’ve been guilty of writing them in the past but chose not to this year. However, a few people have nudged me and requested at least a summary or a few ideas on a few significant IT security areas to consider through 2020 (not predictions). One thing I can convey with certainty, is that fact we actually don’t know what will happen in the security arena moving forward, we can assume and theorise but don’t really know. The business and technology landscape has never been more uncertain, with well skilled and financed attackers (at times more so than the defenders) due to the potential for immense rewards. To that end organisations need to be aware, pragmatic, agile with effective security controls and actionable remediation strategies to help them deliver “Secure IT”.

So, what might happen

The “Windows 7” platform will be a highly targeted attack vector (whether embedded, full function or other). Whilst many users remain emotionally and operationally wedded to the now reliable and robust legacy operating system, the end of operating system support and patches for Windows 7 software platforms means enterprises as a minimum must evolve away from Windows 7 to Windows 10 or to another secure and supported operating environment. If a move from Windows 7 cannot be undertaken in a timely manner, compensatory controls for example the use of virtual patching may add a layer of defence but that will very short lived. A move from the Windows 7 operating platform is the only outcome to maximise user and system security.

Next up, “connected things”. IOT is the collective term frequently used to describe connected devices, often without an interface for human input but “connected things” collect, process, transmit and sometimes store data. The sheer volume of connected things increases the security challenge with defenders requiring real time visibility, always on controls as they seek to minimise or eliminate the potential for attack. To make matters worse, many of the “things” become invisible to the human eye hidden in ceilings, behind walls or embedded in other devices. But they remain highly visible to attackers are easily located with simplistic scanning tools and can be used to launch highly damaging attacks (or as a beachhead to enter a networked environment). Visibility visibility visibility is everything – you can’t secure things you cannot digitally see. Connected device visibility platforms or advanced NAC systems help to determine the type, status, behaviour of all connected devices. This allows them to determine posture, grant and revoke access, supply data inputs to asset and CMDB databases but more importantly to help organisations to create and maintain a baseline of “normal or known good security”.

And last but not least, “the human vector” remains a key consideration in 2020. Un-informed users have the potential to become the weakest link in the security chain, but informed, engaged, security conscious users become one of the most significant elements of optimum security. Users have the power to make intellectual and dynamic decisions, interpreting situations in a way technology based controls cannot. With users as educated, security advocates and technical security controls working together in harmony, end to end optimum security becomes a reality not a dream.

As a recap, to maintain a security by design and by default in 2020 for users, business & consumers, three areas will be high on my list:

  • Acceleration of the move from Windows 7 (or to secondary compensatory security deployed if a platform move is not possible)
  • Optimum visibility of connected things (traditional connected devices and IOT) to ensure they can be located, patched, secured.
  • Inspirational education of “the human” to intentionally become the strongest security link in the digital chain.

Through 2020 we must strive to make intentional security simple to consume, manage, operate and EFFECTIVE. This will help users, organisations and the industry to shift the current mindset and position security positively as the essential enabler of the digital world. Its time to start now, start today.

Until Next time.

Colin W

Business Line CTO Networking and Security – Computacenter UK

Twitter: @colinwccuk