Search
Close this search box.

Blog

A More Effective Security Position

Augmenting and centralizing policy control is crucial in the evolution of an effective security position. The benefits far outweigh the effort of transition and will become table stakes as enterprises rationalize their aging premise-based systems.
October 4, 2022

A More Effective Security Position

We have learned the value of self-assessment to identify cybersecurity risk. Once those assessments are completed, security teams must take action on the agreed-upon findings. Most likely, one of those findings will require the team to think about how to increase the effectiveness of one or more of the controls implemented in on-premise or cloud computing environments. With this in mind, we will examine how to establish a more effective security position.

In 2020, Gartner forecasted, “By 2021, 50% of enterprises will unknowingly and mistakenly have some Infrastructure as a Service (IaaS storage) services, network segments, applications or APIs directly exposed to the public internet, up from 25% at year-end 2018. Through 2023, at least 99% of cloud security failures will be the customer’s fault.”[1] This is a daunting prediction that reminds us that despite increased spending on larger security teams, more security tools, and increased automation, enterprises continue to struggle to get their security right.

To understand the basis of the struggle, let’s first explore how we got here…

We created a paradigm that we codified in policy and architecture that was invented when computers, data storage and people were largely on-premise. Our servers lived in our data centers so blocking threat actors from the data center was critical to success. Some called this era the “crunchy exterior shell architecture” phase. Our people operated from corporate headquarters and branch LANs, so we hardened access between sites as well as access points to the network at sites. This became the defense in-depth architecture phase — which left us with an explosion of firewalls. It took some time before tools allowed us to centrally manage policy to both see and manage changes without logging into to every firewall and router individually. This became the “centrally managed phase”.

So, we focused on keeping the software current to capture new attack signatures and centralizing policy updates to reduce the risk Gartner1 warned us about. As IaSS became more common, we leveraged APIs, open-source code, and automation packages to reduce time spent in maintenance windows. This allowed us to manage the burgeoning number of hardware firewalls with relatively small teams. But when errors occurred in an update, things could go wrong in a hurry.

Accelerating use of SaaS continues to make configuring security systems correctly more challenging. Employees working from home over VPNs are accessing sensitive data, business SaaS services, and public websites from the same machines in the normal course of their work functions. Consumerization of IT leads to new SaaS services being added by individual employees frequently and with no notice. Automated workflows are increasing use of embedded web links in routine email.

The continuation of the journey to the cloud brings additional security configuration challenges. Applications running from the cloud are calling APIs hosted by third-party, public websites as well as those hosted by on-premise systems. The pace of feature development is accelerating, putting additional pressure on security teams to keep security configurations correct.

How do we move forward to a more effective security posture? It turns out there is a winning strategy. The cloud-based security systems augmenting and centralizing policy control help us move toward a more effective security position. The benefits far outweigh the effort of transition and will become table stakes as enterprises rationalize their aging premise-based systems, continue their journey to the cloud and cloud-native applications, and extend further into third-party supply chains and SaaS services.

Cloud-based security systems allow us to plug the holes created by having premise-only systems or two independent systems that lack the ability to process threat activities across domains. Security teams benefit by having one set of tools managing policy and reporting across all regions.

The distributed nature of cloud-based security systems also assists enterprises in their efforts to comply with the regional privacy rules, preventing user data transport outside of various boundaries by eliminating the need to backhaul user and application data.

Cloud-based security systems also have better performance, which leads to high end-user satisfaction. In addition, cloud-based security systems reduce total cost of ownership. Rationalizing multiple vendors, eliminating duplicate system, and providing more efficient work patterns for security personnel will contribute to a lower overall cost.

As staff continues to migrate off campus and applications move out of the data center, establishing a more effective security posture will be essential to success. Efficient security design that addresses these continuing business trends is essential to cost-effective, continued growth. Cloud-based security systems will deliver these benefits and position IT teams to rapidly deliver new services.

Citations

[1]“5 Things You Must Absolutely Get Right for Secure IaaS and PaaS” (ID: G00461794), Gartner, Tom Croll, Refreshed: 18 November 2021, Published: 7 May 2020

Related RESOURCES

2024-isg-report-europe-ft
Guide

GTT Named Leader in ISG Provider Lens™ Enterprise Managed Network Services 2024 Europe Study

GTT is ranked as a Leader for the provisioning of network as a service (NaaS) and for services across WANs, LANs, managed Direct Internet Access (DIA), Voice over IPs (VoIPs) and virtual private networks (VPNs). This top ranking from ISG is based on its evaluation of 33 service providers within the managed network services industry.
Background-3
Guide

GTT Named Leader in ISG Provider Lens™ Enterprise Managed Network Services 2024 U.S. Study

GTT is ranked as a top Leader position for the provisioning of network as a service (NaaS) and for services across WANs, LANs, managed Direct Internet Access (DIA), Voice over IPs (VoIPs) and virtual private networks (VPNs). This top ranking comes from ISG is based on its evaluation of 33 service providers within the managed network services industry.
sd-wan-adoption-ft
Webinar

Understanding Managed SD-WAN Adoption

Elevate your network infrastructure and the rapidly evolving world of SD-WAN and SASE technologies. Watch the webinar today.
partner-with-envision-ft
Webinar

Partners Win with GTT Envision

What is GTT ENVISION and how can you leverage this exciting approach to Network as a Service? Watch the webinar to learn all about GTT Envision.
White Paper

Trends and Solutions for a More Secure Perimeter

GTT commissioned Hanover Research, a leading provider of research and analytics for organizations worldwide, to gain insight into how businesses are adopting and using SASE and SSE
Team of Professional IT Developers Have a Meeting, Speaker Shows Growth Data with Graphs, Charts, Software UI. Shown on TV. Concept: Software UI Development, Deep Learning, Graphs, Charts.
Guide

GTT Named Managed SD-WAN Leader in ISG 2024 Network Report Evaluating German Service Providers

ISG Provider Lens™ report evaluates 26 enterprise WAN service providers and ranks GTT in a Leader position for Managed SD-WAN enterprise network connectivity.
Hand touching Secure Access Service Edge icon on smartphone virtual screen background, password, network, framework and support technology in office. SASE secure access service edge concept.
Guide

GTT Named Managed SD-WAN Leader & SASE Rising Star in ISG 2024 Network Report Evaluating U.S. Service Providers

ISG Provider Lens™ report evaluates 26 enterprise WAN service providers and ranks GTT in a top Leader position for Managed SD-WAN enterprise network connectivity. GTT is also ranked as a Rising Star Product Challenger for its Secure Access Service Edge (SASE) Capability, GTT Secure Connect.
Fortinet white paper
White Paper

SASE is a Journey – Not a Silver Bullet

In this white paper, learn how leaders are adapting to evolving business continuity demands. To stay ahead of threats, teams must view securing their Network and Security ecosystems as a continuous journey. Secure Access service edge (SASE) framework is the path to stronger cyber security.
IT engineers checking servers in server room
White Paper

Why Technology Partners Matter In Uncertain Times

Technology advancements support 5 key areas of manufacturing. Leveraging managed services providers to support and secure the network infrastructure that enables these advancements helps achieve these positive business outcomes.
Robot welding in car factory
White Paper

Get The Lowdown On The Smart Factory & The Next Wave of Innovation

Manufacturers understand that they must stay up to date with the latest developments in technology to be competitive. At the same time, technology is moving fast. Find out more about Industry 4.0 and the Smart Factory.

OUR GARTNER RATING

Gartner Peer Insights logo
4.2


62 Reviews

88%
as of the last 12 months

Talk to an Expert

Interested in learning more about GTT products & services? Please complete this short form to schedule a call with one of our sales consultants.

Thank you for your information. One of our sales consultants will be in touch with you.

Scroll to Top