5 reasons to take security controls to the cloud
Security · Sep 26, 2019
As organizations become more dispersed across multiple locations, many are adopting cloud-based networking to keep their remote sites connected. The shift from traditional Multiprotocol Label Switching (MPLS) networks to the more agile Software-Defined WAN (SD-WAN) creates an opportunity to move security controls to the cloud as well.
Here are five significant advantages that cloud-based security delivers.
#1: Reduced capital costs
With traditional, hardware-based security, every site requires an on premise firewall appliance. With multiple sites, that means buying a device for each location, as well as licenses for the additional capabilities built into the firewall.
With cloud-based firewall, you buy one solution that can apply to all of your sites. And the additional capabilities – URL filtering, malware and virus blocking and reporting – are integrated within the solution. So you end up with one license that covers the full functionality of the solution.
The savings are significant. For example, a small engineering firm with three sites, which move frequently, could spend $400 per month per site for an on-premise managed firewall. The TELUS cloud-based option, which includes Software-Defined WAN (SD-WAN), and Next Generation Firewall, as well as LTE backup, is $210 per month.
In addition to more flexibility, end-to-end management and greater reliability, the engineering firm can save $190 per site with a cloud-based option for networking and security. And the savings per site increase as more sites are added. How much could you save?
#2: Reduced management effort and cost
When you are managing your own security appliances, you need to dedicate resources to keep licenses up to date, monitor the device for alerts, maintain logs and troubleshoot. Administration and monitoring is solely your responsibility.
With numerous sites and devices, those responsibilities multiply per site and device. Even if you have a provider overseeing that management, you still have to pay per site.
When you move security controls to the cloud, you have one virtualized appliance versus multiple appliances per site. All management functions are performed once instead of multiple times, creating greater operational visibility and efficiency. How many IT resources would this allow you to refocus in your organization?
#3: Centralized policy management
Depending on your security requirements, you may need to set different policies for different sites. Each policy requires its own configuration. For example, your URL filtering at head office may block users from YouTube, but a remote site may require access to YouTube.
For each policy, you need to create it, configure it and push it out separately. It can be complex and time consuming if you have a lot of policy variance and multiple sites.
With cloud-based security controls, you have the ability to create policy groups and then push those rules and configurations to each group rather than doing it on an individual basis. With policy groups, you can deploy policies more quickly and efficiently across your whole environment.
#4: Scalability and agility
In an on-premise model, turning up a new site can be time consuming and complex. You have to order all of the equipment, configure the network, address IT requirements and install the firewall.
With a cloud-based solution, the firewall already exists and has been configured. When you add a new site with a cloud-based network, all you need to do to initiate security is make the connection between the site and the firewall.
The same simplicity applies when removing sites. If you have a remote, on-premise firewall, you end up with stranded hardware and licensing investments. Typically, the appliance gets shipped to a warehouse until it can be redeployed at another site. With a cloud-based network and accompanying security, you simply turn the site off with the flick of a switch. There is no wasted investment or responsibility to redeploy those assets. What problems could your IT resources refocus on?
#5: Enterprise-grade technology
Many organizations try to be cost conscious by reserving their enterprise-grade investments for head office and purchasing lower-end devices for remote sites. While that strategy may help to save on costs somewhat, remote sites may end up more vulnerable with fewer security features and capabilities.
With a cloud-based firewall, remote sites can have the same configurations, policies and features available to headquarters. The same software and licenses are attached to the overall solution, eliminating any feature disparity between head office and remote sites.
Consider the cloud
Cloud-based networking opens up possibilities for cloud-based security, enabling you to reduce costs and management effort, manage policies more effectively, scale up or down with less complexity and standardize features across your entire environment.
Interested in reading more about how to assess your networking needs in a cloud first world.
Read the article: Hitting reset on network availability and visibility
For more information about how you can save time and money, visit telus.com/naas.