Solution Architect Perspectives: Cybersecurity in a Perimeter-less Network Environment

August 09, 2021
CCB_perimeterless-846x402

The promise of a hybrid work model brings with it lots of benefits for employers and employees, but also presents many IT challenges. From a cybersecurity perspective, the distributed application architecture brought on by hybrid working models makes it even more critical to protect all traffic flows. This perimeter-less environment is the new normal when considering home users, cloud, and SaaS applications. IT leaders are increasingly considering security frameworks that converge network and security to focus on the performance, reliability, and security of the perimeter-less environment.

We recently sat down with Sean Aviv from the Comcast Business solution architect team to learn more about the needs and challenges they are hearing from customers as they continue to adjust their cybersecurity posture to support the hybrid model. Overall, as a result of the shift, they are seeing an increased need to focus on all threat vectors including securing the corporate infrastructure, cloud environments, and home networks while ensuring a great user experience and application performance.

Q
The shift to distributed workforces has brought on a lot of change from a cybersecurity perspective. What are some of the more foundational shifts that businesses need to make to protect themselves from threats?

A

The increase in distributed workforce requirements along with increased adoption of cloud, infrastructure-as-a-service, SaaS applications, and IoT require a holistic approach to securing the enterprise. With hybrid work alongside a distributed application architecture, it is critical to protect all traffic flows as users, corporate data, and business-critical assets can reside anywhere. As organizations look to optimize their security posture, they will be shifting towards software-defined networking (SDN), micro-segmentation, and threat response automation technologies. Solutions like Comcast Business ActiveCoreSM can streamline network threat monitoring and management, help businesses secure their corporate data, and manage the attack surface through network segmentation.


 

Q
What are you hearing from Comcast Business customers? What is their level of concern and how quickly are they making changes?

A

We are absolutely seeing an increased awareness of cyberthreats such as ransomware, DDoS, and software vulnerability concerns. Customers understand that with a distributed workforce and applications migrating to the cloud, they have more exposure to security risks and data breaches. At Comcast Business, we help customers safeguard their networks and data via high-performance and secure architectures leveraging solutions such as ActiveCore Secure SD-WAN, carrier grade DDoS mitigation, and other services in our extensive managed services portfolio. From a speed-to-market perspective, we are seeing certain industry verticals adopting advanced security technologies and threat response automation at a faster pace. Manufacturing & distribution, healthcare, financial services, retail, education, and government are leading the charge.


 

Q
What are some of the key cybersecurity challenges that remain for IT leaders?

A

Cyberthreats are continually evolving, becoming more sophisticated, and more difficult to detect. A strong cybersecurity strategy is always on, continuous, and requires people, process, and technology. A key challenge is delivering a complete security strategy that is aligned with each organization’s specific business risks. The strategy must consist of the right security technologies, policies and procedures, ongoing security assessments, threat intelligence, and a threat detection and response strategy. The key is to take a proactive approach to cybersecurity and mitigate threats ahead of time and not wait for the attack to take place.


 

Q
Are there any challenges specific to supporting a more hybrid workforce?

A

A hybrid workforce requires organizations to look beyond the corporate network and identify additional cyber risks that exist in the home such as Wi-Fi connections, personal devices (BYOD), and the increase in phishing attempts. These potential exploits can lead to a breach impact across the organization, which is why a comprehensive approach to security must be taken. This includes endpoint protection, MFA, access control, as well as secure connectivity to the Internet, corporate assets, and cloud applications. These can be addressed with the combination of a strong VPN solution, secure SD-WAN platform, firewall-as-a-service, or other technologies that align to the SASE framework to deliver a resilient and secure end-to-end solution.


 

Q
As IT teams continue to make adjustments in their cybersecurity policies, how can they set themselves up for success?

A

Planning ahead, IT decision makers need to re-think their approach to traditional networking and security practices, and consider a shift toward SDN technologies, zero-trust architectures, artificial intelligence, and automation. The first step is to know the environment and understand risk. Organizations should have a clear view into all assets, corporate data, PII information, applications, and systems whether on the network, in the cloud, or a home user device. This requires having the right tools, analytics, and skillset to achieve. We have all seen in the news multiple organizations that were impacted due to cyberattacks that resulted in data breaches due to unpatched servers and ransomware payouts where social engineering vulnerabilities were exploited. This comes down to taking a holistic and proactive approach to mitigating the continuously evolving threat landscape.


 

Q
As businesses continue on their digital transformation journey, what are some key security policies that they need to consider?

A

We are in a new era of technology where the modern workforce is increasingly more mobile (i.e. hybrid workforce), applications are continuing to migrate to the cloud, and more SaaS platforms are being utilized. All of this drives a demand for increased bandwidth at the business edge and the home. Organizations are looking for a more efficient, optimal, and secure way to manage their traffic flows. Secure SD-WAN and XDR technologies are reshaping the enterprise and are the next evolution in networking and security by delivering application level path selection, automation over a secure architecture, and automated threat response. This requires an end-to-end security model that focuses on cybersecurity with a high-performance Internet breakout design that includes branch edge, cloud, and endpoint security that tie back to intelligent automated platforms and analysts for threat detection, response, and containment.


 

Q
How have cloud-based services and direct to cloud impacted cybersecurity posture management?

A

Protecting corporate data is a critical component of a strong cybersecurity strategy. This comes down to understanding where corporate data resides, who accesses the data, and how the data is accessed. Both the network design and security posture come into play. Designing the cloud environment with the right network architecture depends on who needs to access the environment and how they are accessing the information. For example, we would design the network and security policies differently on a public cloud infrastructure than we would on a private cloud infrastructure. Focusing on delivering a robust, multi-cloud security model that encompasses a holistic view across all users, systems, applications, and traffic flows in a perimeter-less networking environment.

When considering SaaS platforms such as file storage or customer relationship management solutions, it is worthwhile assessing Cloud Access Security Broker (CASB) solutions to enforce security policies to help prevent data exfiltration or unauthorized access to corporate data, protect against malware, and gain visibility into the SaaS/Cloud environment. Other technologies include SDN, micro-segmentation, and XDR solutions for cybersecurity intelligence and automation across the enterprise.

The hybrid work model offers a lot of benefits for companies. It also presents many IT challenges.

This article is available exclusively to
Comcast Business Community Members.

Join the Comcast Business Community to read this article
and get access to all the resources and features on the site.

It's free to sign up

Sign Up

for our newsletter

network-security

Learn how Comcast Business can help
keep you ready for what's next.

 

footerNew

for our newsletter