At Meta Networks, we’re constantly thinking about how to adapt network security to two of the biggest factors that are affecting the way we work: cloud and mobility. There are some clear takeaways:
- It’s time to move from the paradigm of a physical perimeter to a software-defined perimeter that follows the user. This new perimeter should be as narrow as possible, granting users access to only what they need, and reducing the potential attack surface.
- We need to adopt a zero-trust model that provisions and secures access based on identity rather than physical infrastructure. Regardless of where the user is located, never trust, continually verify.
- Last but not least, the best way to implement a distributed security model is through the cloud. Not only for the obvious reasons of management, cost and agility, but also to assure a fast user experience from every global location. Yet despite all of these advantages, some organizations still prefer to host security solutions on their own infrastructure.
What Migrates to the Cloud, What Stays Behind?
Over the past few years, there’s been a tremendous increase in public cloud adoption by enterprises of all sizes and types - both for business-focused applications and for hosting infrastructure. However, until recently there was less interest in using the cloud for other IT functionality. That situation is changing rapidly - in a survey in the 2018 Guide to WAN Architecture and Design, a large majority of respondents preferred to host security and IT management functions in the cloud.
But you can look at it the other way around. According to the survey above, a fifth of the respondents prefer to host all control and security functionality in their private facilities. According to Forbes, by the year 2020 83% of workloads will be in the cloud - but that leaves 17% that will not.
The reason why companies prefer to host security functionality on premise varies widely. For many it is because they are subject to compliance requirements that either demand or are greatly facilitated by that approach. For others it can be as simple as they have an existing enterprise security policy that requires it.
At the end of the day it doesn’t matter why an organization prefers an on-premise solution. What matters is that independent of how they choose to implement it, organizations are able to adopt an approach to security that relies on an SDP and which features an effective zero trust model. Meta NaaS supports private infrastructure as well as public cloud, to bridge these two worlds.