Moving to the cloud means rethinking network security


Many organizations are moving critical data and applications to the cloud but are securing them with systems built for an on-premise world. That approach comes with a warning from Paul Gampe, CTO of Console, a platform that allows organizations to connect to each other's networks without using the internet. In an interview with The Enterprisers Project, he explains the risks and how to address them.

The Enterprisers Project (TEP): What is the biggest threat facing modern enterprise networks?

Gampe: The biggest risk facing current enterprise networks today is security. Data loss prevention systems that inspect outgoing packets to look for sensitive data, and intrusion detection systems that monitor incoming packets to identify potential threats, have both traditionally been placed at the edge of the enterprise network. However, as many line-of-business applications move from on-premise data centers to cloud services, there is no traditional network edge anymore, which renders the conventional methods of securing the enterprise network edge insufficient.

CIOs and CTOs today need to carefully plan for applications migrating to the cloud, or risk being caught off guard with edge-of-network infrastructure and systems unable to secure new traffic flows outside of the enterprise network.

TEP: What are the biggest mistakes you see CIOs and CTOs making around enterprise networks?

Gampe: The most common mistake I see is a failure to plan adequately for the impact of adopting cloud services on the enterprise network. CIOs and CTOs need to monitor and understand the internal traffic patterns of the on-premise data center to appropriately plan for the change in flows as traffic destined for line-of-business applications moves from those on-premise data centers to cloud-hosted services. There are serious risks to user productivity and application availability if CIOs and CTOs have not appropriately planned for or deployed the infrastructure required to support new traffic flows to the public cloud.

The second important task is planning for the changes to line-of-business application security. Firewall rules based on address have been a standard first line of defense in the past. But as applications move to the cloud, source address-based firewalls are no longer valid. CIOs and CTOs today need to re-assess their information security management strategy to account for the fact that they can no longer rely on the assumption that applications are not internet-accessible.

TEP: What are some of the obstacles and restrictions enterprises encounter when dealing with the public internet?

Gampe: The clearest obstacle is instability, and the biggest risk is security when dealing with the public internet. It's no surprise that the public internet is not secure, but the internet's significant instability at times is not apparent until mission-critical applications are moved to the public cloud and the organization is suddenly exposed to a lack of application availability due to that instability.

A simple search for a major route leak gives a sense of how often and how significant some of these public internet outages are. Tier 1 network operators will typically off-load traffic to the lowest-cost path, often with little concern for performance. Using these public internet services for mission-critical application availability is inherently high-risk. The key to safely and securely adopting cloud services is to not use the public internet.

If CIOs and CTOs want to ensure they have the network capacity, performance, and security to safely adopt cloud services, they need to bypass the public internet and directly connect enterprise networks. Large public cloud service providers and new software defined interconnection companies now provide these direct connect services to ensure that enterprises remain in control of their network connectivity without relying on the public internet.

Organizations need to do a much better job making sure their networks and connectivity are secure. According to a recent blog I read,

"For a network connection to be considered secure, it should adhere to at least three basic principles:

--Third parties should be barred from obtaining confidential data that was not meant to be sent to them.
--Identification of the person or persons wanting access to the data must be verified.
--Information being exchanged must be guarded against being seen, captured, or altered by unknown parties.

Connections that are not secure are more vulnerable to data breaches, identity theft, data leaks, eavesdropping, malicious cyberattacks, and a host of other cybercrimes, disruptions, and nuisances."

The blog is here, BTW:

Minda Zetlin is a business technology writer and columnist for She is co-author of "The Geek Gap: Why Business and Technology Professionals Don't Understand Each Other and Why They Need Each Other to Survive," as well as several other books. She lives in Snohomish, Washington.
