Unlocking the business value of IT security

A successful Chief Information Security Officer (CISO) understands that business risk, and the business attitude to risk, are key drivers for a strong IT security strategy

A successful Chief Information Security Officer (CISO) understands that business risk, and the business attitude to risk, are key drivers for a strong IT security strategy. A strategy that can balance acceptable risk,measured in terms of real business impact, while responding to business needs across a 24 or even 36-month outlook is a true value add;implemented in the field and recognised in the boardroom.

 

Today, there are two major trends confronting the CISO: consumerisation of IT and the advent of cloud services. These two trends feed each other in a positive feedback spiral, with the explosion of mobile bring your own device (BYOD) users consuming ever more cloud-based services that span consumer and business applications

.

The challenge, therefore, is to understand the business risks in comparison to the potential benefits of such trends in order to reach a desired balance. And a fundamental outcome of risk management is the IT security strategy.

 

The business opportunities of consumerisation and cloud are well documented, if not well understood. Cloud-based service delivery presumes a pay as you go (PAYG) charging structure that gives access to elastic compute and storage resource that is either hosted within the private enterprise domain, the public domain or is a mixture of both, known as hybrid.  The BYOD phenomenon makes use of the IT-savvy workforce and increases productivity through immediate and effective access to services. The combination of consumerisation and cloud allows previously unattainable levels of business agility. Users now have instant access to a rich mix of social  and business applications, independent of the storage and processing power of the end device, and from any device in any location.

 

However, the combination of increased mobility of the user, un-managed devices and the virtualised data centre - from which cloud services are delivered - leads to a number of security challenges not previously experienced by the enterprise or service provider.

 

At the highest level, there is a need to deliver clean clouds, which can be understood as an attack-free zone to host and provide services in both the public and private domains. The next step of the challenge is to ensure that the largely un-managed devices accessing on-demand services are infection-free and can connect securely, without compromising data in transit.

 

Juniper Networks delivers innovative network security technology that underpins clean clouds. Juniper’s integrated portfolio of software and appliances combine to create an end-to-end cloud security architecture. The architecture is built on the premise of simplifying the delivery of secure cloud services, establishing attack-free zones within the virtualised data centre and ensuring the secure connection - and infection -free status - of mobile and fixed devices.

 

  • CISOs should look for a number of key elements in a cloud security architecture:
  • An open and scalable architecture that will enable your business to adapt continuously to evolving security threatsand to the needs of your business, in line with your risk management strategy.
  • Integrated physical and virtual security capabilities within the virtualised data centre to enable consistent and easily deployed security policy enforcement across the physical and dynamic virtual domains.
  • Visibility and insight to support proactive risk management and rapid threat response in a dynamic environment.
  • Automated and simplified processes to mitigate human error, both in terms of design and operational concerns, and minimise time to react.
  • Mobile device security, access and management functions that can be deployed through a simple app store to the user device for ease of deployment, integration and adoption, and which can be operating system-agnostic in support of BYOD policies.
  • The ability to deploy standards-based and federated access security across the enterprise and service provider boundary to support hybrid cloud deployments under CISO policy control.

 

 

If you are eager to unlock the value of IT security - in the cloud, on the move, anywhere - for your business, you should be talking to Juniper Networks. You can find out more at: www.btengageit.com/juniper

Call us on 01246 574000
or, request a callback