The pandemic outbreak forced everyone to follow the remote work model for business continuity. The remote work model is appealing to cybercriminals. Organizations should follow a redesigned enterprise network model to enhance cybersecurity while working remotely.
Info-Tech Research Group has published research, Enterprise Network Design Considerations. This study is timely, given the growing number of remote users and services provided “off network” contributing to the rapidly escalating enterprise cybersecurity threats.
IT teams must evaluate cybersecurity, risk, and trust models while developing and deploying an enterprise network. If these models are not considered during network setup, band-aids and workarounds will be deployed to achieve the needed goals, potentially bypassing network controls.
Many enterprises still use traditional networks, which commonly include comprehensive firewalls and dedicated hardware devices such as switches and routers to control data traffic but have limited security.
With the increasing amount of work that the business is completing remotely, not all devices and data paths will be under the control of IT. However, this shift does not allow IT to abdicate the responsibility to provide a secure network. The research shows that the cloud “gold rush” has made it attractive for many enterprises to migrate services off the traditional network and into cloud-based services such as inverted perimeter or hybrid networks for better security and connectivity.
An inverted perimeter network is one in which security and control points cover the entire workflow, on or off-net, from users to the services themselves, with a zero-trust principle. Since the control plane is designed to encompass the workflow securely, much of the underlying connectivity can be abstracted.
The firm’s research also suggests that an inverted perimeter network model is extremely attractive for organizations that primarily consume cloud services and have a large remote workforce.
A hybrid network combines elements of a traditional network with cloud resources. As some of these resources are not entirely under the control of IT and may be completely off-net or loosely coupled to the on-premises network, the security boundaries and control points are less likely to be centralized. Hybrid networks allow the flexibility and speed of cloud deployment without leaving behind traditional network constructs but are generally more costly to secure and maintain.
Info-Tech recommends security and IT leaders understand the needs of the business before choosing a network design for the organization. The new blueprint highlights the following four factors that should be considered when trying to understand business needs.
1. Mission: Consider the mission and vision of the business to address relevant needs.
2. Users: Identify where users will be accessing services; remote vs. “on net” is a design consideration now more than ever.
3. Resources: Identify the required resources and their locations: on net vs. cloud.
4. Controls: Identify the required rules in order to define control points and solutions.
Source: Info-Tech Research Group