Enterprises are seeking new ways to extend security across distributed environments that include IoT networks, mobile workforces, and multicloud deployments.
The Covid-19 pandemic drove a wide swath of the economy into work-from-home and hybrid arrangements, and now many corporations are pushing employees to come back to the office full time. In a recent ResumeBuilder survey of 1,000 corporate decision makers, 90% of respondents said their company will institute, or already has instituted, return-to-office policies.
Many employees are pushing back, however, and arguing that remote work has made them more productive, less stressed out, and better able to balance work-life commitments. In a Cisco survey of 28,000 full-time employees, 78% of respondents said that remote and hybrid work improved their overall well-being. If employers insist on forcing workers back to the office, many say they would rather quit than comply.
No matter how the corporate office vs. home office battle plays out, the enterprise edge will never go back to the way it was, and enterprise networking and security teams need to find innovative ways to provide security across IoT networks, mobile workforces, and multicloud deployments.
Legacy architectures offered one clear advantage: they restricted the points of entry into an enterprise network. With the advent of the cloud and of SaaS replacing traditional on-premises applications, however, employees and workloads have become widely distributed across geographic regions.
Ramesh Prabagaran, CEO of multi-cloud networking startup Prosimo, argues that the sharp increase in network entry points demands not merely point solutions for specific enterprise network problems, but a complete rethinking of what an enterprise network is.
Kelly Ahuja, CEO of SASE vendor Versa Networks, also identifies the continual growth of the edge as the source of myriad challenges. “The need to provide a secure, consistent, and seamless user-to-application experience from any location will be of paramount importance for every IT organization leaning towards cloud-first,” he said. “Companies are rapidly moving workloads to multiple clouds and embracing SaaS. Employees must access these workloads from any location, but the accessibility and tools can differ significantly based on location.”
Both Prabagaran and Ahuja argue that the conventional OSI stack has become a barrier to innovation and needs to be reconceptualized to address current and forthcoming threats.
“Innovation on the existing network architecture paradigm will require networking, user experience, security, and cost functions to be blended. The seven-layer architecture accompanied by dozens of stakeholders in IT won’t work,” Prabagaran said. “True innovation will be in the stack, and it will be centered around the work done by network architects to harmonize all these demands into a new single network layer for experience, security and connectivity, and cost management. While there’s certainly a place for innovative point solutions, this rethinking is required before AIOps or any innovative networking solution can be deployed.”
Ahuja believes that the next wave of enterprise networking innovation will focus on integrating security features into the networking stack, giving enterprises the ability to provide “granular and posture-based access to protect the business.”
“The network is not one network – it’s the LAN, WAN, and data center,” Ahuja said. Each of those networks can contain some combination of Ethernet, Wi-Fi, MPLS, wireline broadband, and other transports. Meanwhile, extending security beyond traditional perimeter protections involves complicated trade-offs that often degrade the end-user experience.
“Enterprises need a new approach that delivers security built into the network, so protection can happen at every edge (LAN, WAN, cloud), threats are detected and dealt with instantaneously at every edge, and a user/app-aware network can deliver the right experience,” he added.
Startups Airgap Networks and Graphiant contend that addressing modern security threats requires networking and security to be tightly merged. The traditional corporate perimeter has disappeared and will not return, regardless of where employees work.
The core problem, according to Graphiant CEO and founder Khalid Raza, is reliance on the public internet for connectivity. “To rectify the business internet, we have to substitute the connectivity aspect with a superior alternative,” he said. Raza believes that networking models which extend the perimeter but require a dedicated tunnel for every connection offer only a temporary answer to modern threats and cannot scale to meet the demands of remote work and the Internet of Things (IoT).
Airgap Networks CEO Ritesh Agrawal agrees that the expanding corporate boundary exposes the inadequacies of conventional architectures. “The data centre’s boundary will keep getting extended towards the end-user environment. This covers traditional employees as well as larger risks like enterprises granting third-party support staff access to crucial infrastructure,” he said.
In some situations, such as contract manufacturing, the equipment on the floor might not even be owned by the manufacturer. It belongs to customers who need to reach it through the manufacturer’s network, which leaves a poorly secured back door open to attackers.
Airgap Networks proposes that the best path for innovation in enterprise networking and security is to apply to enterprise LANs and WANs the proven network segmentation methods that telecommunications companies use to safeguard their mobile networks.
Graphiant points out that complexity is the biggest weakness of enterprise networking. With the expansion of edge computing and ongoing cloud migrations, enterprise networks have become extremely complex and riddled with vulnerabilities. Graphiant offers a service resembling SD-WAN or SASE, but without the intricate overlays.
Graphiant’s “label-switched network” separates the WAN data and control planes and optimizes traffic delivery across its infrastructure according to policies set by users. The design combines SD-WAN-style cloud-based routing and control with a proprietary metadata protocol.
Various SD-WAN and SASE vendors, including Cato Networks, Palo Alto Networks, Versa Networks, and Zscaler, are also exploring ways to combine zero-trust security with various SDx services. They aim to control complexity by incorporating more networking and security functions into their services, hoping to evolve into comprehensive platforms that enable customers to discard complicated multi-vendor deployments.
Agrawal cites the recent Okta breach as an example of the risks that come with complex network designs built on intricate tunnel overlays. In January 2022, hackers from the LAPSUS$ group gained remote access to Okta’s internal systems by exploiting a jump server used to grant access to third-party customer-support provider Sitel. That access let the intruders view unencrypted customer credentials.
In 2023, Okta suffered another intrusion that eerily mirrored the 2022 breach. This incident again exposed customer credentials, creating further difficulties for Okta customers.
Another example of a growing perimeter undermining security is the recent ransomware attack on MGM Resorts International. The attackers got into MGM’s internal systems by impersonating an employee: using that employee’s LinkedIn account, they talked MGM’s help desk into helping recover the target’s “forgotten” credentials. Once on the network, the attackers deployed ransomware that crippled a range of business-critical systems, forcing the casino to shut down everything from ATMs and gaming machines to hotel keycard systems. The attack halted MGM’s operations for at least 10 days.
By contrast, ransomware that gets into a telco network is quickly stopped, Agrawal says, because mobile networks are compartmentalized in a way that makes it hard for malware to spread from one device to another.
Airgap has brought a ransomware kill switch to the enterprise, which halts lateral movement with a single click on the security dashboard. The company has further strengthened its offering with a disposable jump box service, removing the risk of relying on a single, persistent jump server to reach the core network.
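To make concrete what the telco-style, per-device segmentation described above and a lateral-movement kill switch actually buy a defender, the following Python model is an added illustration (not Airgap’s product, nor any carrier’s implementation). It simulates a worm that spreads by reaching one listening port on peer hosts, and compares the blast radius under a flat site policy, under a policy that isolates every device in its own segment, and under the flat policy with a kill switch armed mid-outbreak. All host names, segment labels, port numbers and the kill-switch semantics (deny every flow except those to designated infrastructure segments) are constructed assumptions.

```python
"""Blast-radius model: flat network vs. per-device segmentation vs. kill switch.

Added example; hosts, segments, ports and policy semantics are constructed.
"""
from dataclasses import dataclass, field, replace


@dataclass(frozen=True)
class Flow:
    src: str   # source host
    dst: str   # destination host
    port: int  # destination port


@dataclass
class SegmentationPolicy:
    # host -> segment label (constructed)
    segment_of: dict
    # explicit allow rules: (src_segment, dst_segment, port); default deny
    allow: set = field(default_factory=set)
    # segments that must stay reachable even when the kill switch is armed
    infrastructure: set = field(default_factory=set)
    # assumed kill-switch semantics: deny everything not bound for infrastructure
    kill_switch: bool = False

    def permits(self, flow: Flow) -> bool:
        src_seg = self.segment_of[flow.src]
        dst_seg = self.segment_of[flow.dst]
        if self.kill_switch and dst_seg not in self.infrastructure:
            return False
        return (src_seg, dst_seg, flow.port) in self.allow


# Constructed inventory: host -> set of listening ports.
HOSTS = {
    "a-ws1": {445}, "a-ws2": {445}, "a-ws3": {445},   # site A workstations
    "file-srv": {443, 445},                            # shared server
    "b-ws1": {445}, "b-ws2": {445},                    # site B workstations
}
WORKSTATIONS = [h for h in HOSTS if h != "file-srv"]


def flat_policy() -> SegmentationPolicy:
    """One segment per site: peers inside a site can reach each other freely."""
    seg = {h: "site-" + h[0] for h in WORKSTATIONS}
    seg["file-srv"] = "servers"
    allow = set()
    for site in ("site-a", "site-b"):
        allow.add((site, site, 445))           # east-west inside the site
        allow.add((site, "servers", 443))
        allow.add((site, "servers", 445))
        allow.add(("servers", site, 445))      # server reaches back into sites
    return SegmentationPolicy(seg, allow, infrastructure={"servers"})


def per_device_policy() -> SegmentationPolicy:
    """Telco-style isolation: every device is its own segment and may only
    reach the server tier on the port it needs; peers never see each other."""
    seg = {h: "dev:" + h for h in WORKSTATIONS}
    seg["file-srv"] = "servers"
    allow = {("dev:" + h, "servers", 443) for h in WORKSTATIONS}
    return SegmentationPolicy(seg, allow, infrastructure={"servers"})


def simulate_spread(hosts, policy, patient_zero, worm_port,
                    kill_switch_after_round=None):
    """Breadth-first worm propagation, one round per hop. Each infected host
    probes worm_port on every other host; the probe succeeds only if the host
    listens on that port and the policy permits the flow. Returns the set of
    compromised hosts; optionally arms the kill switch after N rounds."""
    infected = {patient_zero}
    frontier = [patient_zero]
    rounds = 0
    while frontier:
        if kill_switch_after_round is not None and rounds >= kill_switch_after_round:
            policy = replace(policy, kill_switch=True)
        rounds += 1
        next_frontier = []
        for src in frontier:
            for dst, ports in hosts.items():
                if dst in infected or worm_port not in ports:
                    continue
                if policy.permits(Flow(src, dst, worm_port)):
                    infected.add(dst)
                    next_frontier.append(dst)
        frontier = next_frontier
    return infected


if __name__ == "__main__":
    for name, pol, ks in (("flat", flat_policy(), None),
                          ("per-device", per_device_policy(), None),
                          ("flat + kill switch after 1 hop", flat_policy(), 1)):
        hit = simulate_spread(HOSTS, pol, "a-ws1", 445, ks)
        print(f"{name:32s} compromised {len(hit)}/{len(HOSTS)}: {sorted(hit)}")
```

The per-device policy still permits the legitimate workstation-to-server flow on port 443, and the kill switch keeps that flow alive because the server tier is marked as infrastructure; what both remove is the peer-to-peer path the worm depends on, which is the property the telco comparison is pointing at.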
A growing number of networking vendors are building AI and machine learning into their services for better routing and policy enforcement. Experimental technologies such as quantum cryptography are also being trialed by various vendors.
“Reliable, business-class connectivity remains a challenge in many parts of the world,” cautions Karl Horne, vice president of cloud solutions at satellite operator SES. He noted that the growing trend toward remote work is leading enterprises to hire personnel from around the globe, but unreliable connectivity in rural, semi-urban, and even some urban regions can stand in the way.
Horne advocates satellite-delivered broadband, citing recent advances that have brought it into the mainstream. The indispensable role of Starlink in providing mission-critical connectivity under intense battlefield conditions in Ukraine and Taiwan attests to the potential of satellite-based internet.
Horne argues that as satellite internet becomes better able to interface seamlessly with terrestrial networks, it may further entrench remote work. “Over the past decade, revolutionary advancements in satellites have provided high-performance connectivity which can potentially augment existing terrestrial networks to ensure people in remote locations can carry out daily tasks efficiently,” he said.
Even with comprehensive space-based coverage, however, securing connections for people in remote locations will remain a problem. Could quantum encryption be part of the answer?
Mike Anderson, chief digital and information officer at Secure Access Service Edge provider Netskope, says that bringing quantum principles into networking is not a mere upgrade but a revolution. To him, the prospect of protecting every piece of data that crosses a corporate network with quantum encryption is a game-changer. “This move surpasses matters of speed and efficiency; it’s about re-envisioning network security and data processing from a fundamental level,” he said.
Quantum encryption could not only transform data security but also open the door to new digital innovation. Anderson likens today’s networks to dial-up internet when set against the potential of quantum encryption. “Despite the fact that quantum computing and networking are still relatively in their nascent stages, there is a noticeable uptick in activity. Major technological firms and academic institutions are pouring billions into researching quantum capabilities,” he said.