EDITOR ’ S QUESTION
DON BOXLEY , CEO AND CO-FOUNDER , DH2I
Cloud complexity is a large and growing problem facing organizations of all types and sizes , around the world . It can occur for a number of reasons ranging from the rapid and haphazard adoption of cloud resources , to the deployment of too many clouds , to trying to leverage outdated technology and / or methodologies together with today ’ s modern clouds .
However , for those that are unable to reign-in this problem , they can expect to face very serious challenges across operational performance , cost , security , protection , legal and / or regulations compliance .
My advice to those facing cloud complexity challenges is to first take inventory , and look for any outdated technologies or methodologies that might not only be hampering progress and transformation , but might also be putting the organization at risk .
A prime example of this is Virtual Private Network ( VPN ) technology . VPNs simply were not built or intended for today ’ s multi-cloud environment , and are unable to support the way we work today . Traditional VPN and direct link approaches are not only cumbersome and expensive to maintain , VPNs open up the entire network to lateral movement , introducing a huge security risk .
My advice is to help reduce cloud complexity and risk , eliminate outdated and vulnerable VPN technology , and instead deploy a solution that takes a more secure approach – one that gives users app-level access rather than network-level access , reducing the attack surface .
The ideal solution should do all of this with the most secure and performant approach to create a Software Defined Perimeter ( SDP ) to grant connectivity to distributed apps and clients running across multiple sites , clouds and domains .
And since reducing complexity is the goal , my advice is to choose an SDP solution that is incredibly easy to install and configure . You should be able to install it on any Windows or Linux machine that you wish to use as a gateway . And , you should be able to set up as many app-specific micro-tunnels as you wish .
In this way , local clients can connect securely to the remote service by connecting to the local gateway port . Further , it is important that remote users outside of the local network be able to install the SDP on their devices to connect to the tunnels they have been granted access to , and can do so quickly and securely from anywhere .
Of course , we now live in a highly connected world . My next piece of advice is to ensure the SDP solution also offers network connectivity for Internet of Things ( IoT ) deployments .
The SDP software should be able to extend to the Edge , allowing seamless bi-directional communication between edge devices , the data center , cloud and remote locations .
Secure communication should be achieved without the use of legacy approaches such as VPNs , SD- WANs or open ports . The SDP solution should be built and intended for IoT use cases where edge devices need to communicate with other devices , resources , applications or clouds .
34 INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com