Enterprise Services Blog
Get the latest thought leadership and information about the role of Enterprise Services in an increasingly interconnected world at HP Communities.

Innovation INSIGHT on Security: Surf or sink during IT’s biggest challenge in 20 years

By Bryan Stiekes, Distinguished Technologist, HP Enterprise Services Office of the CTO


It’s the largest enterprise security dilemma that organizations have faced in 20 years: Switch to an Internet-network hybrid for real-time response or attempt to stay afloat with a rigid legacy system.


Such surf or sink choices aren’t easy. Enterprise security is always in a state of constant change. Historically, security architecture has focused on the network. But the threat is no longer just external; it’s internal. And with today’s new business velocity, treading along with what worked in the past will sink any enterprise incapable of collaboration.


Further complicating the situation is the transformation of the IT environment. Gone are the days when the enterprise IT nervous system consisted primarily of a distributed set of data centers and customized applications—a tough system to manage and secure. (Learn how app waste is a budget buster.)


Today’s model is shaped by data center consolidation. As enterprises move from hundreds of scattered hubs to fewer, more centrally located data centers, applications move farther away from users, highlighting network connectivity challenges such as latency.


The next wave of change will dislodge applications from private networks and central data centers onto cloud service providers—easily the single largest disruption IT has faced in two decades. It will demandWaves - small.jpg flexible ubiquitous networks in an everything-as-a-service ecosystem. It will change the very definition of collaboration. And in the process, it will ignite profound security challenges.


How will your networks and security models evolve to meet these changing demands? By changing your target and your game. By surfing rather than fighting to keep from sinking your enterprise security.


The problem is, legacy security systems have rigid perimeters—from network access controls to outbound proxies—making for often inflexible communications. The structure restrains users by restricting outbound communications while, at the same time, letting others in, exposing them to information they shouldn’t have access to.


You can’t be strong everywhere. So rather than hardening spaces, security must evolve into a system that restricts what users can do based on their identity rather than their location. It’s about securing the data, not the network.


The emphasis will be on “who I am and what I want to do,” rather than “where I am and where I want to go.” Security will also zero in on data, applying a thin perimeter around your user community while encapsulating data in a strong, yet flexible boundary.


We’re calling the first step along this path the Private Internet Enterprise: a hybrid of Internet connectivity and private transport consolidated into a single manageable network. Sensitive applications will be on managed transport while other applications are pushed as a service onto public transport.


What’s the end result? The Open Internet Enterprise where enterprise applications and services are delivered securely over the Internet and the distinctions between “internal” and “external” networks disappear.


The transition will demand considerable effort. But the payoff will be the competitive edge gained through efficient, flexible, and secure collaboration and the ability to successfully ride the wave of IT disruption represented by the emerging ‘as-a-Service’ ecosystem.


Learn more about how to begin the journey to your secure enterprise.  Don’t miss parts 2 and 3 of the series on security: Unlock innovation and collaboration from legacy security networks and 3 ways to safeguard against employee sabotage.


For more information about the solutions to this complex shift of IT and enterprise security, view the Innovation INSIGHT webcast, and join the HP Innovation INSIGHT LinkedIn discussion group

Nadhan | ‎09-14-2011 03:49 PM

Very INSIGHTful article, Brian.  I agree that the threat is no longer external but is internal.  For these very reasons, Small and Medium Businesses are even more susceptible to these security vulnerabilities as outlined in my post on Reasons why Security Best Practices are even more vital to SMBs than large enterprises.

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the community guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Showing results for 
Search instead for 
Do you mean 
About the Author

Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.