For most organizations, digital transformation (DX) was already a challenging, complex, and costly journey, and it just got a dose of rocket fuel from COVID-19. The remote workforce has exploded in size seemingly overnight, networks are rapidly changing, and employees, applications and trust zones are more distributed than ever.
By Karl Van Den Bergh, Chief Marketing Officer, Gigamon
As a result, we’re seeing increased pressure on existing IT systems that were never designed for this scenario, as well as an expanded attack surface. And as businesses ask their employees to do more with less amid economic uncertainty, network operations and security teams simultaneously face the challenge of lowering risk and removing blind spots as traffic patterns change — all while maintaining network performance, security and a positive end-user experience.
The next five years in digital transformation must now happen in the next five weeks. Below I’ve outlined three DX shifts happening in the midst of today’s global workplace transition to remote work and how to handle them. While our current situation will be fluid for some time, what is here to stay is the need for performance and security in a rapidly shifting network, with an eye toward cost containment.
1. WFH requires rapid scaling of remote access infrastructure. On average, organizations have 59% more East-West traffic than North-South. New work from home (WFH) policies are driving the entire LAN traffic base to VPN and have left IT teams with little time to scale their remote access infrastructure for employees. As they scramble to bring remote working capacity online quickly, by repurposing older or existing infrastructure, issues such as failures and bottlenecks can arise in the new network segments and infrastructure. Detecting these issues in a timely manner is critical. But with already stretched resources, these issues become a truly significant challenge.
a. Pro tip: During this transition, with even more changes pending, having accurate visibility into your traffic profile is critical. You need visibility into exactly what’s happening in your network, so you never miss an opportunity to, for example, re-plan capacity accurately, identify critical traffic and optimize bandwidth usage. Networks need to run smoothly, even with a multitude of moving parts.
2. Apps are suddenly pushed to the limit. Customers are now engaging with companies mostly through mobile applications or online. As new application containers, microservices and virtual machines are being stood up rapidly to meet sudden growth in user demand, IT and infrastructure teams risk being left behind by fast-working DevOps and applications teams. This mismatch in alignment can have serious consequences. While application capacity may ramp up, infrastructure capacity may lag, leading to network bandwidth issues and a reduced user experience, and application and data access or usage may not be monitored adequately for threats.
a. Pro tip: To achieve the best possible customer and user experience for digital apps, it is important to monitor and visualize application usage and user experience, and take action based on the performance and behavior of these applications. For example, surges in video conferencing traffic due to the intensive use of applications like Cisco WebEx, GoToMeeting, Skype and Zoom can very quickly overwhelm intrusion detection methods. IT teams must be able to quickly visualize which applications are causing these traffic surges, decide whether to analyze this traffic and at what depth, and then filter out safe or low-risk traffic to preserve bandwidth for other applications.
3. When organizations turn inside out, it demands borderless security. Organizations are turning inside out, meaning user traffic previously inside the firewall is now flooding in from outside. Any additional network user activity in new network segments can become a source for threats, such as data leakage or ransomware. Bad actors are quickly exploiting the prevailing paranoia and uncertainty in an effort to compromise users’ systems. These threats use droppers, which are then used to download additional malware on users’ systems to compromise credentials, ultimately leading to ransomware attacks, and potential data exfiltration.
Compounding the inside out challenge is that remote workers use their home network and/or personal devices for work. And it’s not certain that every worker is following recommended security protocols. Even the mandated use of VPNs may not solve the problem, especially if endpoints have not been recently patched. As an example, vulnerabilities are being found and reported in products from various VPN and firewall manufacturers, which allow Mirai botnet–type variants to take control.
a. Pro tip: In an effort to ramp up capacity, enterprises need to make sure that if they are using older gear, it is fit for purpose and can be patched and secured. Also, the need for a Zero Trust approach to the network is greater than ever. You need every corner of your network illuminated to provide better visibility and threat detection.
As IT and security teams race to support a remote workforce that is two to three times larger than was ever planned, borderless security needs to be maintained as network traffic has turned from the inside out, not to mention that the applications we depend on are all being pushed to previously untested limits. Visibility and infrastructure agility have become key success factors in an organization’s ability to respond to these challenges, both now and as they continue to manage massive DX shifts as we hurtle toward the new tomorrow.
About the Author
Karl Van Den Bergh is the Chief Marketing Officer at Gigamon. He is a Senior GTM and Product Executive focused on Data and Cloud, with a passion for making a difference by building great teams, products, and businesses. He has a history of successful roles, both strategic and operational, in early-stage startups as well as $1B+ high-tech companies, with extensive international experience.
CISO MAG did not evaluate/test the products mentioned in this article, nor does it endorse any of the claims made by the writer. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same. CISO MAG does not guarantee the satisfactory performance of the products mentioned in this article.