Following our research into risk and security for modern businesses, we have been speaking with some of our partner community to take a wide cross-section of views from across the market.
We asked Graham Brown, Managing Director at Gyrocom, to share his perspective on the subject and explain how organisations can be persuaded to re-think their views on security…
At Gyrocom our mission has always been to help companies ‘consume the cloud’. Whether that is public, private or hybrid, we don’t care which clouds they consume – only that they can do it on their terms.
At the heart of this approach is digital transformation. Our customers, no matter the industry or region, are all facing the same pressures to push the digital frontiers, to increase the pace at which they do business, and to match or better the technology achievements of their competition.
Cloud computing has been a critical part of this transformation story, but cloud alone is not the answer to all of today’s business challenges. In their excitement to adopt the latest cloud solutions, it’s easy for organisations to forget about issues around risk and security. Then, when the question does arise, it quickly becomes apparent that while traditional approaches to security may have worked in a pre-cloud world, they are far from adequate when faced with current business demands for speed, flexibility and agility.
Ultimately, to cope with the cloud era, all aspects of an organisation’s IT infrastructure must be ready to scale up and down as and when it is needed. Adding traditional security methods to this scenario is like trying to drive a car with the handbrake on – your organisation is instantly limiting the possibilities that cloud offers.
You need a new way of thinking about security, one that can transform it from being an add-on or extension of IT and actually rebuild your infrastructure to incorporate security-by-design.
However, attempting to shift customer perspectives on aspects of their IT as fundamental as security, generally presents a significant challenge.
Meeting this challenge is different for every business, but as a starting point it can help to try and place the issue of security into three black-and-white considerations: will it save the organisation money; will it make the organisation money; or will someone go to jail if the organisation doesn’t do it?
And while the latter consideration does resonate quickly with organisations, it’s much easier to challenge hearts and minds with the former reasons.
Critically, VMware NSX offers a way for IT departments to go back to the first principles of network architecture. While traditional security systems would be built with workarounds already in mind to compensate for the fact that many of the independent solutions could not share data, this isn’t the case with NSX. Now everything can be connected, all aspects of the network can ‘talk’ to each other, becoming more efficient and allowing better decisions to be made.
Once you can make this clear, everyone – especially the old-school security technicians – begin to get on board with the idea. After all, NSX’s microsegmentation capability is like a dream come true for the old-guard, finally allowing them to add firewalls and security policy to individual workloads and servers to create a truly distributed system.
NSX’s ability to automate firewall policies is also important, relieving some of the pressure on security teams and allowing them to cut down infrastructure provisioning from weeks to seconds. Now, should a developer come knocking on the door asking for a new test and dev environment, the IT department can securely deliver it by the time the dev makes it back to their desk. This empowers internal IT teams to replicate the efficiency and convenience of plug-and-play cloud services like AWS, eliminating the need for developers to engage in shadow IT practices, placing company data in public clouds where it may not be protected by necessary measures needed.
Security may not be considered the most glamorous function of the IT department but it’s a crucial one. And while it doesn’t always directly contribute to revenues, that doesn’t mean it won’t affect the organisation’s bottom line. Investing in security is certain to pay off, not simply in improving the lives of the IT team, but in offering peace of mind to the wider business and ensuring that the organisation can stand up against the ever-present threats of cyber attacks, data loss and reputational damage.
Find out more about VMware’s Risk and Security research here. You can also hear from other VMware partners – including Intel and Atea Denmark – by regularly visiting the blog.
For more information on the VMware Partner Programme, visit: http://www.vmware.com/uk/partners.html
Gyrocom is a full end-to-end solution provider offering professional services, software/hardware and managed services under the banner of the Software Defined Data Centre. Gyrocom focuses on mid to large UK enterprise companies across a range of verticals, predominantly retail and finance.