How Content Delivery Expertise Can Empower Better Security

Cloud Perimeter Emerges as More Flexible Approach

istock 537331500 blog 1

The push for enterprises to be more agile, flexible, and fast—a.k.a. Digital Transformation—is driving IT resources out of legacy environments and into the cloud.

Business today depends upon a more flexible, remote and mobile workforce, and that workforce needs secure, reliable, and fast access to those resources and applications that live in the cloud.

But the transformation to an inside-out enterprise—where applications, data and users increasingly live beyond a company’s confines—imposes some challenges along with the benefits it brings.

At the top of those issues: security. IT remains responsible for the security, visibility, and performance of applications and users that now sit outside the business’ traditional zone of control. Three-quarters of respondents [1] to a recent IDC survey say that the ability to provide secure remote application access is a priority.

In this world, IT teams are turning themselves topsy-turvy in a quest to adapt known security controls to the cloud environment. But replicating traditional on-premise perimeters across regions and data centers means you’re acting as if the majority of users remain inside the physical enterprise, which just isn’t the case anymore. IT winds up relying on legacy VPNs that can’t enforce access at the application layer—only at the network layer—which increases risk for organizations where far-flung employees and third-parties need remote access to some, but by no means all, systems and services.

IT also increases complexity across locations and cloud providers by deploying multiple hardware or software firewalls in an attempt to further boost security, as well as load balancers and optimizers in the hope of supporting application performance. This adds up to a perimeter that is so difficult to manage that it can take IT months to make even simple changes as required by the business.

Building more DMZs and adding more software and hardware gets costly, too, while decreasing the effectiveness and agility of IT teams. Over 60% of [2] the companies recently surveyed by IDC say they believe that remote application access today is extremely complex. It commonly involves anywhere from five to 14 hardware and software components [3]  to add new external user groups to an organization, for instance.

A New Approach is At Hand

A better security approach—one that is already ingrained in the infrastructure DNA of leading Content Delivery Network (CDN) service providers that have long provided their customers with safe web experiences—is to move to a cloud perimeter. The concept grants no credibility to old-world ideas about network perimeters and assumes that there is no such thing as a trusted party in the network.

To that end, cloud-based DMZ service solutions hide applications from the Internet and public exposure, closing all inbound firewall ports and ensuring that only authenticated individuals gain access only to the applications that they are authorized to use. The fact that these services not only embed security (including firewalls and multi-factor authentication) but also eliminate the need to manage hardware devices and software upgrades provides relief and cost-savings to embattled IT staff.

These services mean IT groups don’t have to install new hardware or software clients. They can instead work with existing applications, directories and networks while viewing and managing all facets of remote access in a single service. This makes it easier for them to handle deployment, provisioning, and change management.That’s particularly important given how often third-party contractors weave in and out of enterprise environments.

Performance is assured, too, given that leading-edge CDN providers have decades of experience finding the fastest path to destinations with 100 percent availability.

So, even as corporate applications live in hybrid data center and cloud environments—with more solutions being deployed beyond what has traditionally been the enterprise’s zone of control—IT now can take advantage of solutions that can seamlessly deliver access while assuring security remains intact. The groundwork laid years ago in safeguarding websites will continue to be key in solving new challenges.

To learn more, visit Akamai.

1, 2, 3: Remote & Secure Access Research, IDC, May 2017


Copyright © 2017 IDG Communications, Inc.