Digital transformation: why business continuity and data security are key
- Published: Tuesday, 16 April 2019 07:40
Don Boxley looks at some important questions that need to be asked to ensure that business continuity and data security are considered during digital transformation projects.
Whole industries are transforming with the help of IT and workforce digitization and as competition heats up across virtually every industry, the pressure to digitally transform escalates concurrently.
Whether you are in IT or are a business professional who is responsible for digitization, business continuity and/or security strategies, you need to be able to think on your feet about your new priorities in a world of ongoing change.
While there are numerous variables that organizations must consider as they move towards digital transformation, perhaps the most essential considerations are business continuity and data security. With more business than ever being conducted in the cloud and more third-party partners needing digital access to that data, failing to keep business continuity and data security at the top of your business’s priority list could instantly become a fatal mistake – after all, they are often inexorably linked.
In today’s cloud environments, one of the most important data security challenges relates to strategic partner data access and sharing. Your organization’s security safeguards are only as strong as the weakest link in your vendor and partner ecosystem. In other words, you may be inadvertently putting sensitive company data at risk every time you conduct digital business with a vendor that is granted access to your system.
Consequently, I believe that every IT, business continuity and security professional should be asking themselves the following two key questions:
1. How do we ensure secure access for our remote user/partner network?
Data breaches, ransomware attacks, and other cybercrimes are continuing to increase in regularity and severity. Huge, well-known and highly respected organizations have made the headlines – organizations you would think have absolutely bullet-proof policies and technologies in place. Remote user access has been found guilty in countless of these situations for opening the door to cyber-criminals. Clearly, there’s no excuse left for any business to avoid reviewing their strategy for managing remote user and partner access.
What’s most important here is being aware of some new realities. Many companies still use virtual private networks (VPNs) to create what they believe will be the securest of web connections — after all, security is the main reason that enterprises deploy VPNs in the first place, right? Well, that used to be correct. In the pre-cloud world of virtual machines and physical servers, VPNs and other forms of traditional perimeter security like direct-link formats were a great choice. No longer. In our current cloud-based reality, companies require a security strategy that considers how business is done today, with multi-cloud and hybrid deployments now the norm with blended on-premises and cloud scenarios.
Every business’s new security strategy should start with “out with the old (VPN) and in with the new (SDP).” SDP stands for software defined perimeter, and it’s the most current and most secure networking software available today. Its key advantage when it comes to allowing remote users and third-party vendors to access your system is that these partners can only access certain services that you define.
2. How do we provide continuous access to critical business services, but still get every remote user off our network?
Broken authentication and access controls are the most common ways for attackers to assume other users’ or partners’ identities and access unauthorized functionality and/or data. One method to resolve this is to get every remote user off of your network. While this certainly eliminates a significant security attack surface, a digitally transformed business isn’t possible if your partners lose the ability to transact business digitally.
A superior approach that addresses both security and business continuity requirements is to rely on an SDP solution. This allows you to successfully minimize the surface area exposed to lateral attacks while still allowing business as usual to occur in a digital space.
Here are two more questions that will also be important as you think about investing in new technology solutions:
Does the remote access solution support a heterogeneous router environment?
If you’re still using a remote access VPN, then you probably already know that they come with their share of configuration complexities. One way that VPNs have traditionally increased risk of a data compromise is by requiring dedicated routers — not to mention access control lists and firewall policies.
With this in mind, it is imperative that your solution for third-party remote access supports a heterogeneous router environment rather than just a single router. This will also help you avoid the strong possibility of finding yourself in a router vendor lock-in situation. With an SDP solution, you are able to shift operations from one cloud to another whenever you need to, avoiding risks of vendor lock-in. To do this, your goal should be to find a remote user access solution that scales across a multi-partner and hybrid cloud environment.
Does the remote access solution support application segmentation?
Modern remote-access solutions provide network administrators with the ability to segment by application, not by network. Allowing your partner’s system access at the level of the application, rather than the network, limits remote users only to fine-grained access to specific services, greatly reducing the chance of lateral network attacks; so be sure that your remote access solution supports application-level segmentation.
The cloud is inarguably one of the most important technology advancements we will see in our lifetime. And while its benefits are immense, it brings with it a new level of security concerns, especially when it comes to partner and other remote user data access. With that reality in mind, be sure to update your remote access solution accordingly, rather than crossing your fingers that your outdated pre-cloud technologies will protect your critical company information and ensure business continuity.
Don Boxley Jr is CEO and Co-Founder of DH2i. Prior to DH2i, Don held management positions for leading technology companies, including Hewlett-Packard, CoCreate Software, Iomega, TapeWorks Data Storage Systems and Colorado Memory Systems. Boxley earned his MBA from the Johnson School of Management, Cornell University.