Distributed Networks and the Challenge of Security
Blockchain might just be the solution organizations have been waiting for when it comes to dealing with BYOD and distributed network security.
The days of the desk are over. With both enterprises and startups focusing on agility and mobility, we are finding ourselves increasingly becoming active where the action is. For startups, this can mean hustling and traveling around the globe in search for opportunities. For enterprises, this could mean empowering employees to become productive anywhere they are.
Consider how Elon Musk, founder and CEO of Tesla and SpaceX (and serial entrepreneur who counts PayPal as a success story), does not actually have a permanent place for his own desk. Oft considered eccentric by the media, Musk has said he would often have sleeping bags stowed in conference rooms, and that he spends most of his time on the factory floor. “I move my desk around to wherever the most important place is in the company at that time,” cites BGR.
Not everyone is an Elon Musk, although certainly anyone can relate with the potential benefits that mobility can offer for any business. It’s not only the proverbial traveling salesman who gets to benefit from anywhere-access to their data and applications, however. According to recent statistics, at least 91 percent of corporate employees are using mobile apps relevant to their work. Almost half of large enterprises provide apps to at least half of their employees.
BYOD Has Gone Mainstream
After the turn of the century, the concept of BYOD – or bring your own device – started to become an attractive proposition for organizations due to their productivity and cost advantages. Today, the luster of BYOD has faded off a bit, no thanks to the security and compatibility issues that businesses have had to face.
According to recent insights, 39 percent of businesses with a BYOD policy have encountered malware, and an additional 35 percent are unsure or have not surveyed their employees’ devices for malicious apps.
For those that have encountered security breaches, 72 percent said that these involved data leakage and loss. Fifty-six percent cite unauthorized access to their corporate systems, and 54 percent say their users have downloaded unsafe apps or content.
Security is mostly a nightmare for businesses that employ BYOD or mobility policies because of the perceived difficulty in maintaining security for a distributed network. Before the days of the cloud, a company could keep its server infrastructure inside a secure room under lock and key and keep all traffic filtered and monitored through a firewall. When data centers and off-premises infrastructures were in fashion, enterprises could use MPLS, or Multiprotocol Label Switching, to route traffic across their network with little to no compromise on speed and performance.
However, with the rise of cloud services – and even today’s decentralized blockchain-powered technologies – the question of security becomes even more pressing, especially for organizations that have their data on the cloud, with multitudes of endpoints like laptops, smartphones, and other devices, accessing this data from multiple points. (Want to learn more about what blockchain is? Check out An Introduction to Blockchain Technology.)
Decentralization as an Answer
To address the need for enhanced security amid decentralization, the answer seems to lie in decentralization, too. An emerging trend involves deploying security through the cloud. For enterprises, this could involve a firewall as a service or FWaaS, which is defined as “a firewall delivered as cloud-based service that allows customers to partially or fully move security inspection to a cloud infrastructure.”
A decentralized cloud-based deployment, such as one deployed over an FWaaS solution, would mean the ability to secure traffic flowing from and to endpoints like smartphones, laptops, tablets, and such devices, even when these are directly connected through the internet. This is in contrast with having to tunnel in through a VPN, which usually takes a performance hit and which can be expensive.
One solution in particular involves connecting all disparate cloud providers into a single and secure software-defined wide-area network (SD-WAN). Such a software-based or logical firewall is said to be “available anywhere, seamlessly scales to address any traffic workload, enforces unified policy, and self-maintained by a cloud provider.” Through this deployment, an organization only has to manage a single global firewall instance that can scale according to traffic volume and devices connected.
|Free Download: Best Ways to Extend Endpoint Management and Security to Mobile Devices|
This also means that IT departments will only need to manage a single or unified policy, which will apply to all devices connected, negating the need to manage and enforce policies on each firewall instance, as is the case with a traditional on-premises firewall deployment.
Another major point of discussion when it comes to decentralization would involve the use of blockchain technologies. Blockchains are essentially distributed ledgers, wherein data is not stored in any single point or database. The network of nodes would usually have a distributed consensus mechanism, wherein each transaction entered into the blockchain would now be an encrypted and immutable public record.
Blockchains are now being designed and deployed across a wide array of industries, including education, health, insurance, finance and more. What’s essential to know here is that blockchains can help prevent fraud and data theft by distributing the data storage and consensus mechanism such that hackers would have to undertake the impossible task of corrupting or destroying data stored on each and every one of the blockchain’s nodes. (Learn more about blockchain's potential for security in Will Blockchain Technology Make DDoS Attacks Obsolete?)
In terms of securing a distributed network, solutions such as that of Guardtime would play a part. This particular startup ensures that data cannot be stolen from any single device, as the information is distributed across the system’s network of nodes.
What Is the Future in Network Security?
Network security is an ever-evolving business. Even cloud technology itself is slowly being supplanted by even more decentralized technologies such as blockchains. However, even while blockchain tech is promising in terms of encrypting and securing data through immutable and distributed ledgers, today’s cloud-based offerings would be a rational choice in addressing the challenges of securing our increasingly mobile workforce.
As endpoints and network nodes become even more distributed, security professionals and IT departments will need to establish ways to both enhance and simplify the way they manage security for their organizations and users.