By Jon Bove, Fortinet
As the way people work has changed, networks have had to adapt accordingly. When remote work became the global standard, corporate networks were flooded with personal devices. These changes, along with an increase in SaaS applications and the adoption of multi-cloud networks, have significantly altered the attack surface.
IDC predicts that by 2023 – just a year and a half from now – more than 50% of new IT infrastructure deployment will be at the edge. Because this new network environment needs to be managed and secured, organizations are looking more seriously at implementing technologies like Zero Trust Access (ZTA) and multi-factor authentication (MFA). At the same time, a report by Enterprise Strategy Group found only 13% of organizations already have strong adherence to Zero Trust principles.
Security that protects everything and everywhere is essential, but it’s clear that implementation is lagging.
A More Holistic Approach Is Needed
For partners, there’s a huge opportunity in this landscape because customers are looking for a broader security approach. Many organizations are challenged with defense across their entire infrastructure as the threat landscape has become much more sophisticated and harder to manage with isolated point products and disparate services.
What’s needed is a more holistic approach that can cover all the components to protect people, devices, and data everywhere. But this has been further complicated by the move to remote work and the increased adoption of hybrid and multi-cloud. You need a solution that can provide the same level of security coverage everywhere for every user. This is where emerging technologies like Zero Trust play an important role.
How Hybrid And Multi-Cloud Have Changed The Landscape
To help support their evolving digital transformation requirements, organizations have come to rely more on hybrid and multi-cloud environments. According to a recent report from Fortinet, 76% of organizations surveyed reported using at least two cloud providers. The result is that applications can reside anywhere – from on-campus to branch to data center to cloud. And now that the era of “work from anywhere” is upon us, organizations have had to rethink how they secure network edges, both on-premises and in the cloud.
Of course, there are security differences among each of the cloud platforms. Each has different built-in security tools and functions with different command structures, different capabilities, different syntax, and logic. The data center, too, is yet another environment. In addition, enterprises may be migrating into and out of clouds. Each cloud offers unique advantages, and it’s essential that the enterprise can use whichever one(s) support their business needs. Cybersecurity mustn’t impede cloud choices, but with each cloud provider offering different security services using different tooling and approaches, each of your clouds becomes an independent silo in a fragmented network security infrastructure.
Zero Trust Helps Protect The Work From Anywhere Model
With remote workers, in-office employees, and the expansion of the cloud, the threat landscape is broader than ever, and an organization’s security needs have become more challenging and complex. More off-site workers mean a greater emphasis on Zero Trust, least-privilege principles to keep network access secure. Implementing Zero Trust requires solutions such as network access control (NAC) and endpoint protection in concert with a broad, integrated, and automated security framework designed to span the network from the home office, branch office, campus, and data center to multiple public clouds.
Zero Trust evolved because the old network security model of “inside means trusted” and “outside means untrusted” is no longer applicable; it no longer describes today’s network landscape. With Zero Trust, neither IP address nor network location guarantees trustworthiness. The ongoing expansion and erosion of the perimeter underscore the need for a Zero Trust approach, which extends security monitoring and enforcement to every device, whether it's trusted or not. A surprising benefit to the global experiment in remote work is that it could signal the end of trust-based security.
Comprehensive Security Is The Future
The proliferation of new devices and edges, along with investments in digital innovations, continue to expand the digital attack surface. Many organizations are challenged with protecting across their entire infrastructure as the threat landscape has become much more sophisticated and harder to manage with isolated point products and disparate services. This complexity is compounded with different pricing structures for services and multiple licensing models ranging from device-based, hardware-based, and user-based that have remained siloed across form factors.
MSPs and channel partners have an opportunity to guide customers toward a comprehensive security strategy that unifies all efforts across all components of the network. Solutions need to span the entire network to protect all devices, people, and data, no matter where they are. Today’s complex, cloud-connected networks require nothing less.
About The Author
Jon Bove is the vice president of channel sales at Fortinet, Inc. (FTNT). In this capacity, Bove and his team are responsible for strategizing, promoting, and driving the channel sales strategy for partners in the United States as we seek to help them build successful – and profitable – security practices. A 17-year veteran of the technology industry, Bove has held progressively responsible sales, sales leadership, and channel leadership positions. During his time at Fortinet, he has been responsible for establishing Fortinet's national partner program and aligning Fortinet's regional partner strategy to allow partners to develop Fortinet security practices with the tools and programs to successfully grow their business.