Designing secure business networks from the beginning
As mobile devices continue to expand and redefine network’s edges, network security challenges continue to be the main concerns among IT and telecommunications leaders, particularly in Latin America, where the use of mobile devices is more popular.
The expansion of communication channels – such as voice communications, e-mails, videos and chat communications – has also a large influence on the complexity, implementation, administration of the network and on what defines network’s edges. Nowadays companies must be prepared to face the challenges generated by new technologies, such as offering flexible solutions for data expansion and transmission according to particular needs, including cybersecurity.
There is no company which, regardless of the issue or size, is immune to cybercrime. Over past years, cybercrime has been growing and perfecting its methods rapidly in order to achieve greater economic benefits.
Nowadays, the vision of cybersecurity is different: it is mainly oriented at risk assessment and resilience. For this reason, tools such as micro-segmentation, advanced analytics and artificial intelligence are the main mechanisms for mitigating new generation cyberattacks.
One of the new trends is network automation, from data center level (SDN), access (SDA) and WAN (SDWAN), which allows centrally managing the provisioning and the management of changes. Said tasks were previously carried out manually and took much more time to IT managers. Micro-segmentation can be achieved through automation. Micro-segmentation consists in eliminating flat networks models where there was unlimited access to the network, without any control and based on privileges established based on the roles in the company.
Nowadays a “zero trust” environment dominates; access is only allowed under granular authorization and each resource is available only to those users who, due to their role in the company, need to access that specific information. For that, a centralized orchestration of the network at access control level is required and the industry is already implementing NAC solutions (access control based on the identity of the users) that include this central management capacity in dynamic environments.
At remote office level, connectivity via Secure SD-WAN is recommended, in order to take security policies from the data center to the branches, while the management of connectivity of the entire WAN is automated through a central controller.
Ideally, companies should make the management at senior managers level, so that policies and standards based on international standards may be applied. We are talking about certification such as ISO 27001 on risk management, certification under which Ikusi currently operates, thus providing support to companies in order to satisfy the new needs of the market as a strategic partner for technological and digital development.