Securing Your Internet Infrastructure is Securing Your Enterprise

The virtualizing enterprise is characterized by its embrace of data center and desktop virtualization, mobility, and unified communications, and by its complete integration of the Internet into the infrastructure — to connect to its customers, its partners, and its own users. As always, business lines, end users, customers, and partners demand more (and more reliable and better performing) services from the enterprise. Moreover, they want access to those services from any platform, connecting from anywhere in the world, at any time. IT is increasingly meeting those demands with a heady cocktail of Internet-delivered services; those originating in their own data centers, partner data centers, managed-hosting or co-location facilities, as well as SaaS and, increasingly, platform as a service (Paas) and infrastructure as a service (IaaS). Already, 79% of organizations use at least one SaaS tool, and 20% use more than five. Overall, organizations expect to more than double that number of applications by 2013. Half of all organizations use direct-to-branch Internet access fro some or all their branches, and for many small branches the Internet VPN is their only link to the company network. This makes the Internet integral to all operations, not just those facing outwards: branches that can’t communicate with back end systems over their Internet VPN, or sales staff who can’t reach the CRM solution because the Internet connection is swamped, are sales staff whose ability to do their work has been limited or eliminated. As SaaS solutions move steadily in to provide even the most basic productivity tools such as email and word processing the problem only gets more acute. IT needs to be taking a sharply focused look at how vulnerable their infrastructures are, starting from the physical layer: (Do you have redundant links that are not likely to be cut simultaneously?), to the network layer (Do you have a strategy for transition to IPv6?), to the application layer (Are you able to detect and repel denial of service attacks launched via well-formed traffic against your applications?). Failing to consider any of the layers between access and applications can have the same disastrous effects.