Zscaler Cloud Security Essentials

By: Ravi Devarasetty

Overview of this book

Many organizations are moving away from on-premises solutions to simplify administration and reduce expensive hardware upgrades. This book uses real-world examples of deployments to help you explore Zscaler, an information security platform that offers cloud-based security for both web traffic and private enterprise applications. You'll start by understanding how Zscaler was born in the cloud, how it evolved into a mature product, and how it continues to do so with the addition of sophisticated features that are necessary to stay ahead in today's corporate environment. The book then covers Zscaler Internet Access and Zscaler Private Access architectures in detail, before moving on to show you how to map future security requirements to ZIA features and transition your business applications to ZPA. As you make progress, you'll get to grips with all the essential features needed to architect a customized security solution and support it. Finally, you'll find out how to troubleshoot the newly implemented ZIA and ZPA solutions and make them work efficiently for your enterprise. By the end of this Zscaler book, you'll have developed the skills to design, deploy, implement, and support a customized Zscaler security solution.
Table of Contents (15 chapters)

Section 1: Zscaler for Modern Enterprise Internet Security
Section 2: Zero-Trust Network Access (ZTNA) for the Modern Enterprise

Exploring the need for scalable, cloud-based security

In this section, we will see how these shifts in trends lead us toward scalable, highly available, cloud-based security that uses the internet as the underlying transport mechanism.

Workforce evolution requirements

As the workforce evolves and demands access to applications from anywhere, we must look at the common medium of transmission. We can all safely agree that the internet seems to be that common medium. End users can now access the internet using several methods such as a computer (Ethernet), a tablet (Wi-Fi), or a smartphone (cellular network). The internet is now considered a utility like electricity, water, and gas. So, why not use the internet to bring these end users to their applications?

The workforce is also demanding access not only from anywhere but at any time. Again, the internet solves this problem. The internet is always on. Many Internet Service Providers (ISPs) now provide service level agreements (SLAs) like other utilities.

Enterprise preferences

Now, let us look at what we need in order to develop a model that enterprises prefer. The first issue was trying to build a vast network and infrastructure to host their applications and then to connect their workforce to those applications. If enterprises were to leverage the universal medium – the internet – they could use it as the transport mechanism to connect their workforce to their applications. This is very much true for internet-based applications, but it could also work for in-house legacy applications that run on physical servers.

Enterprises could migrate their applications to virtual servers on various public cloud platforms such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), or they could somehow leverage the internet to connect their users to the legacy applications in their data centers.

The second problem is the constant, expensive upgrade cycle. What if the provider is cloud-based and all upgrades are managed by the provider without any burden on the enterprise? All the enterprise needs to do is hand off its traffic to the provider using the internet; the provider does the rest. The enterprise is guaranteed an SLA from the provider and is also provided with high availability. This model also shifts the spending model from CAPEX to OPEX, which is preferable for the enterprise.

The third problem is the number of different products needed to obtain a set of features. What if enterprises could rely on a single provider that offers all the essential features they need, available on a subscription basis? Enterprises get the essential features for a base pricing model (billed monthly) and they can choose optional features for extra money. For example, they may choose extra features 1, 3, and 4 and pay $X more or choose extra features 1, 2, 3, and 4 and pay $Y more. Even better, what if these license costs are based on the number of active users? If an enterprise has 500 users, it pays 500X monthly instead of an arbitrary monthly amount. This would be a very fair pricing model, no different from utility billing for electricity, water, and gas.

Scalable, highly available, cloud-based solutions

Any security solution that is designed for enterprises needs to tick these boxes. A scalable solution is one that continues to perform at the expected level when the user count goes from 100 to 10,000. This provides assurance to enterprises that they do not have to worry about poor performance as their user base scales up or down.

The solution also needs to be highly available. This means that when a certain component of the provider goes down, end user traffic should automatically be handled or re-routed by another component that is ready and standing by. The availability of the provider is usually measured using SLAs. SLA figures often quoted by providers are 99.99% or 99.95% availability.

Finally, enterprises prefer a cloud-based solution where they do not have to do or know anything about how the providers operate. All the enterprises do is forward their traffic to the cloud provider and that is the end of it. The cloud provider provides the enterprise with an administration portal where the enterprise administrators can log in and provision their desired configuration.

Internet security for everyone

In today's world, we are seeing that a lot of small businesses, schools, and hospitals are being targeted by bad actors, especially using ransomware that has been on the internet for quite some time. The consequences of a compromise can be fatal to these organizations. In the past, it was difficult to select and provision a security solution.

It does not have to be like that today. The solution that will be presented in the next sections is quite easy and quick to implement, especially when using the default security policy that is based on industry standards. This is even more true for a startup or a consulting organization that has many employees remotely working across broad geographies. As the saying goes, "prevention is better than cure" – this is very much true for internet security today.