When it comes to security, the edges matter more than ever

Sean Campbell, Director Canadian Channels, Fortinet

By now it’s clear that the traditional workplace is no longer the norm for many industries. Multi-cloud environments, next-gen branch offices, converging networks, and remote workers using personal devices to access sensitive data are a fact of life—and will be for the foreseeable future. 

What has been lost in this sudden shift—something critically important to those tasked with IT security—is the integrity of the traditional network perimeter. Replacing that old network model is a new set of constantly evolving “edges”, covering everything from private and public cloud services to branch networks, remote workers, and countless IoT devices. This fracturing of the perimeter, replacing it with multiple shifting and highly dynamic edges, was well underway well before COVID-19. But in short order, recent events have accelerated this transition, and it has made implementing a consistent security approach across the organization even more difficult. 

Partners know better than anyone how important digital transformation is for their clients. Many have worked closely with them as trusted advisors as they designed, built, and executed on strategies designed to help them embrace digital innovation, harness new technologies, and transform their operations. This has not only led to changes to their networking infrastructure, but by extension, has also introduced the rapid-fire addition of new edges. And now, IT teams find themselves responsible for securing this rapidly expanding attack surface before it can become a target for enterprising cyber criminals. Add to that the complexity of COVID-19 and their task becomes even more complicated. 

Partners are necessarily on the front lines of this struggle with a key role to play as their clients find themselves at a critical juncture. Many organizations may feel tempted to respond by adding new security solutions on top of their existing solutions as they grapple with the surge in remote work and the shifting network perimeter. But adding additional sets of isolated security devices in these new networked environments often only serves to increase complexity, making the problem of limited visibility and inconsistent control even worse. 

The opportunity for partners is to do more than just help businesses manage the new frontiers of their networks, such as looking for a quick fix to gain control over remote work environments that include home networks and unsecured personal devices. To be truly helpful, partners need to step back even further and help their clients look critically at their entire network. Given that complexity is the enemy of security, the best long-term approach is to adopt a simple, more holistic security strategy based on a unified platform approach that can span the entire network. And by intentionally integrating security and networking, changes occurring anywhere across the network will always be made in a way that ensures that critical data, applications, workflows, and transactions are always secures, and that IT teams will have the ability to detect and respond to even the most sophisticated threats—happening any place, at any time, on any device—before they can accomplish their objectives.

For some organizations, a common place to start is with the cloud edge. It may be tempting to look at the cloud in isolation. But a single, isolated cloud security solution often fails to address core security challenges—namely, a consistent approach across the organization that opens up visibility and enables granular control of everything from device configurations and policy enforcement to intelligence sharing and coordinated threat response. To achieve this, partners should encourage their clients to look for a broader end-to-end solution designed from the ground up to not only be cloud native but also run natively on multiple cloud platforms. Such an approach will enable the implementation of the same security tools and protocols in a public, private or hybrid cloud. It will also ensure consistent policy enforcement and unified threat response, making it easy to roll out the solution across any cloud environment. 

Today’s new network perimeter is also expanding across what was the traditional network, creating new edges by extending across multiple network environments, including rapidly evolving LAN, WAN, and data center edges as well as the many IoT devices connected to the network. Not only are many of these IoT devices inherently insecure, many can’t even be updated or patched, making them a preferred target of cybercriminals. By adopting a security-driven network approach—powered by a uniform fabric of connected platforms deployed in every possible environment—organizations can achieve consistent, “single pane of glass” visibility across the entire perimeter even as it adapts and changes.

There’s also the endpoint edge, covering the multitude of end-user devices and home networks that expose organizations to malware and malicious apps, or place the network at risk by connecting to compromised public access points. An integrated security platform can automatically identify any device at the moment of access, calculate context, and apply all appropriate policies and segmentation without the need for manual intervention. New policies can also be automatically distributed across the network to harden defenses for individual devices as well as network segments.

As we look to the future, it’s clear most organizations will not only be adding more traffic to their networks in the months ahead, but continuing to expand the edges of their network as well. Partners need to work closely with their customers to identify the risks that come with trying to apply outdated security architectures to today’s networks. They then need to help guide them to a sustainable, long-term security strategy designed for today’s constantly changing world of work. This change is already underway. Now is the time to get your clients serious about moving to a platform-based security strategy. 

Sean Campbell, is Director Canadian Channels, Fortinet