It seems that the current trends of virtualization and collaboration sprung upon us overnight. But in reality, we have been moving toward a virtual IT world since time-sharing was invented. The Internet itself is nothing more than a virtual network.
With our heightened awareness toward security in today’s competitive marketplace and the trend to run all corporate traffic over a virtual network, it’s time to ask - is the virtual network that is running my business secure?
What Virtual Private Networks Really Are
Virtual Private Network (VPN) technology provides private connections over a shared service provider network. Many consider VPN technology to be safe and secure, but the word “private” in Virtual Private Network does not imply confidentiality; it strictly means that a portion of the service provider’s shared network is set aside for your private use. That’s it. There is no inherent data security or confidentiality with a VPN.
Modern Networking for Global Business
Globalization has provided 24/7 productivity by distributing work around the globe. Outsourcing, either locally or over long distances, has allowed corporations to focus on the strategic values of the corporation while also being able to move the creation of that value around the world.
With Globalization, we have entered into the age of the network as a business platform. Networks follow business practices because business runs on applications. Applications follow end users because end users are looking for new ways to be more productive. New applications like VoIP and IP Video are being deployed to improve personal productivity. VoIP and IP Video have improved our corporate productivity by increasing the collaborative power of teams. These new worldwide applications require high capacity, high speed, low latency and fully meshed networks to be implemented effectively. Network Service providers have responded by delivering fully meshed, multicast MPLS and Carrier Ethernet services.
The new global networking buzzwords are anytime and anywhere computing.
Increased Vulnerabilities with Converged Networks
Multiple networks are also being converged into a single infrastructure due to the cost savings of combining multiple networks. One network infrastructure, based on Ethernet framing and Internet Protocol (IP), is now carrying all corporate data, including voice, video, text, file, and real-time transactions. This means that if someone accesses you data stream, they have access to everything!
Simply put, the more corporate data one puts on a shared service and the more the data moves, the more at risk that data is of theft or compromise.
Best Practices for Data Security on Converged Networks
Now that networks are converged and all communications are running over one virtualized network, one must proactively take steps to protect that data. Again, Service Providers simply supply a pipe to send the data on. Organizations need to encrypt the data at the application source or encrypt the data before it enters the network. The choice is yours to make. Just keep in mind that unless data is encrypted, the data packets are traversing networks in the clear wherever the network is.
As the world continues to move forward building converged virtual global networks, network personnel need to remember to encrypt it end-to-end. Security professionals have the unending challenge of trying to protect against all possible threats while the attacker only needs to find one weakness. Why let a strategic, low latency, anytime, anywhere network become that weakness? Encrypt it and encrypt it now!
Scott Palmquist is senior vice president of product management of CipherOptics, a Raleigh, N.C.-based network-wide encryption solutions provider. Offering an innovative policy and key management solution, coupled with high speed, low latency encryption technology, CipherOptics helps its customers mitigate the risk of data leakage, loss and theft over any network. He may be reached at scott.palmquist@cipheroptics.com
Scott Palmquist is with CipherOptics.
