Guest blog by Graham Bronw, Managing Director at Gyrocom.
As part of our ongoing deep dive into the changing landscape of risk and security, we’re speaking with our valued partner community to take a wide cross-section of views from across the market. We asked Graham Brown, Managing Director at Gyrocom, to share his perspective on the subject and explain how organizations can be persuaded to re-think their views on security…
Gyrocom is a full end-to-end solution provider offering professional services, software/hardware and managed services under the banner of the Software Defined Data Centre. Our mission has always been to help companies ‘consume the cloud’. Whether that is public, private or hybrid, we don’t care which clouds they consume – only that they can do it on their terms.
At the heart of this approach is digital transformation. Our customers, no matter the industry or region, are all facing the same pressures to push the digital frontiers, to increase the pace at which they do business, and to match or better the technology achievements of their competition.
Cloud computing has been a critical part of this transformation story, but cloud alone is not the answer to all of today’s business challenges. In their excitement to adopt the latest cloud solutions, it’s easy for organizations to forget about issues around risk and security. Then, when the question does arise, it quickly becomes apparent that while traditional approaches to security may have worked in a pre-cloud world, they are far from adequate when faced with current business demands for speed, flexibility and agility.
Cloud alone is not the answer to all of today’s business challenges
Ultimately, to cope with the cloud era, all aspects of an organization’s IT infrastructure must be ready to scale up and down as and when it is needed. Adding traditional security methods to this scenario is like trying to drive a car with the handbrake on – your organization is instantly limiting the possibilities that cloud offers.
You need a new way of thinking about security, one that can transform it from being an add-on or extension of IT and actually rebuild your infrastructure to incorporate security-by-design. However, attempting to shift customer perspectives on aspects of their IT as fundamental as security, generally presents a significant challenge.
Meeting this challenge is different for every business, but as a starting point it can help to try and place the issue of security into three black-and-white considerations: will it save the organization money; will it make the organization money; or will someone go to jail if the organization doesn’t do it?
And while the latter consideration does resonate quickly with organizations, it’s much easier to challenge hearts and minds with the former reasons.
Critically, VMware NSX offers a way for IT departments to go back to the first principles of network architecture. While traditional security systems would be built with workarounds already in mind to compensate for the fact that many of the independent solutions could not share data, this isn’t the case with NSX. Now everything can be connected, all aspects of the network can ‘talk’ to each other, becoming more efficient and allowing better decisions to be made.
Once you can make this clear, everyone – especially the old-school security technicians – begin to get on board with the idea. After all, NSX’s microsegmentation capability is like a dream come true for the old-guard, finally allowing them to add firewalls and security policy to individual workloads and servers to create a truly distributed system.
NSX’s ability to automate firewall policies is also important, relieving some of the pressure on security teams and allowing them to cut down infrastructure provisioning from weeks to seconds. Now, should a developer come knocking on the door asking for a new test and dev environment, the IT department can securely deliver it by the time the dev makes it back to their desk. This empowers internal IT teams to replicate the efficiency and convenience of plug-and-play cloud services like AWS, eliminating the need for developers to engage in shadow IT practices, placing company data in public clouds where it may not be protected by necessary measures needed.
Security may not be considered the most glamorous function of the IT department but it’s a crucial one. And while it doesn’t always directly contribute to revenues, that doesn’t mean it won’t affect the organization’s bottom line. Investing in security is certain to pay off, not simply in improving the lives of the IT team, but in offering peace of mind to the wider business and ensuring that the organization can stand up against the ever-present threats of cyber attacks, data loss and reputational damage.
For more information on NSX and security, don’t forget to register for VMworld Europe. Click here to register today