Secure All Your Distributed Locations to Protect the Core

How many locations does your enterprise have?

It’s a trick question today. There are traditional categories of large enterprise that have always operated through branches. Think about retail or restaurant chains and large consumer bank brands. These sites help shape the built environment in communities large and small. And those enterprises probably have a good idea how many of these branches they have.

Today, though, we can understand sites of business as something more than just a brick-and-mortar structure. Technologically, any site at the edge of the enterprise network that generates data and uses applications for the benefit of the larger enterprise is a business location. The bank or fast-food restaurant on the corner is still a branch by this definition. So is a hybrid workforce employee’s home or an Internet of Things (IoT) device. Technologically speaking, virtually every large enterprise now operates through branches or locations of one type or another. Some of them happen to be brick-and-mortar with signage, but a growing number of them are not.

And once we define sites of business – or “branches” – this way, do you know how many you have? More importantly, have you extended your security protocols to all of them?

Complexity and technical debt multiply

Securing this modern enterprise with its many locations is no trivial matter. Some companies started out by backhauling traffic to a central data center for security provisioning. That gets cumbersome fast, increasing the complexity of traffic flows and introducing latency into the applications.

Other options might include deploying new equipment to secure those branch sites. In the past, many traditional brick-and-mortar branches had physical gateways, firewall appliances and other hardware deployed. That, too, can get cumbersome and not necessarily practical since some of these new technological sites might be IoT devices monitoring other equipment. You could spend thousands on new gear to protect IoT devices that cost a lot less. It can also require ongoing support, maintenance, and an upgrade path. That gets even more impractical – even a traditional “branch” like a retail bank on the corner doesn’t have much IT support on premises. And it’s unlikely you’re going to put all that gear into each employee’s home.

These stopgap measures are the very definition of “technical debt.” It might work for a while, but you’re going to have to come up with a better solution eventually. It would be better to put the resources into coming up with the long-term solution initially.

Architecting the modern distributed enterprise

In thinking through a better security solution, it’s important to remember that you’re not just securing the various locations, however defined. You’re protecting the core from attacks that might use that branch as an avenue for entering the network and penetrating deeper into the enterprise.

Security needs to move to the edge to avoid cumbersome or expensive half steps. A lot of the hardware-oriented solutions from the past have evolved into software. That shift opens new possibilities whether you’re protecting a brick-and-mortar outpost or an IoT device.

Different types of software technologies can be integrated into a security framework. By deploying that framework at the edge, you can secure all your business locations and also erect barriers to exploits aimed at the enterprise core. One such framework is Secure Access Services Edge (SASE). SASE simplifies security by allowing that software to be served as a service through edge compute facilities.

It can all be centrally managed by a provider. This allows increased visibility across the IT environment so that patterns – especially those indicating coordinated attacks – can be identified centrally and early. Because SASE is a framework in which multiple technologies must be integrated, a provider such as Lumen can choose the best-in-class components tailored to a given enterprise’s needs. You protect the branches, and you also contain any breaches well before they can gain access to core resources.

How many business locations do you have? Let’s go secure them together.

This content is provided for informational purposes only and may require additional research and substantiation by the end user. In addition, the information is provided “as is” without any warranty or condition of any kind, either express or implied. Use of this information is at the end user’s own risk. Lumen does not warrant that the information will meet the end user’s requirements or that the implementation or usage of this information will result in the desired outcome of the end user. All third-party company and product or service names referenced in this article are for identification purposes only and do not imply endorsement or affiliation with Lumen. This document represents Lumen products and offerings as of the date of issue.