How do organizations connect to the cloud?
With cloud services, an external service provider (such as Microsoft) hosts your data. They manage all hardware, software, networking, and supporting infrastructure in their data centers. This means that part or all organizational data will be housed in a datacenter miles away from your organization's location when utilizing M365 Cloud Services. M365 Cloud Services is a distributed Software-as-a-Service (SaaS) cloud that provides productivity and collaboration tools.
Traditional On-Premises Networking Security

   Perimeter-Centric Model 
On-premises networks are designed with a strong perimeter security focus. Users typically access applications and data hosted within company-operated data centers from within the corporate network or via VPN connections.

   Assumptions 
The traditional model assumes that users operate from controlled locations (such as offices) and connect over WAN links or VPNs.

   Latency and Optimization Challenges 
However, as organizations adopt cloud services, some services and data move outside the network perimeter. Traffic between users and cloud services can suffer from latency due to packet inspection, network hairpins, and connections to geographically distant endpoints. Additionally, organizations need to anticipate internet connection bandwidth since some services will operate within M365 datacenters leading to increased internet bandwidth consumption to the cloud.

   Security Challenges 
Perimeter security alone is no longer sufficient, especially when remote users connect from uncontrolled locations like homes, hotels, and coffee shops.
Traditional On-Premises Networking
Traditional Hybrid Cloud Networking
How do organizations handle security with a hybrid model?
Understanding Perimeter Security vs Endpoint Security
Perimeter Security
Perimeter security focuses on securing the boundaries of a network. It aims to prevent unauthorized access from external sources.
Key Components
Firewalls: These act as gatekeepers, filtering incoming and outgoing traffic at the network perimeter.
Intrusion Detection/Prevention Systems (IDS/IPS): These monitor network traffic for suspicious patterns and block potential threats.
Virtual Private Networks (VPNs): Used for secure remote access to the internal network.
Network Access Control (NAC): Enforces policies for devices connecting to the network.
Implications
Limited Protection: Perimeter security is effective against external threats but provides limited protection for internal threats.
Assumes Trusted Internal Network: It assumes that internal network traffic is trustworthy.
Challenges with Remote Work: In the era of remote work, perimeter security faces challenges due to users accessing resources from various locations.
Endpoint Security
Endpoint security focuses on securing individual devices (endpoints) within the network. It recognizes that threats can originate from both external and internal sources.
Key Components
Antivirus/Antimalware Software: Protects endpoints from malicious software.
Host-Based Firewalls: These filter traffic at the device level.
Device Encryption: Ensures data confidentiality.
Patch Management: Regularly updates software to address vulnerabilities.
Behavioral Analysis: Monitors endpoint behavior for anomalies.
Implications
Holistic Protection: Endpoint security covers all devices, regardless of their location.
Defense-in-Depth: It complements perimeter security by adding layers of defense.
Challenges with Diverse Devices: Managing security across various endpoints (laptops, mobile devices, IoT devices) can be complex.
User Awareness: Users play a crucial role in maintaining endpoint security (e.g., avoiding suspicious links).
Combined Approach
Best Practice
Organizations should adopt a combined approach that integrates both perimeter and endpoint security.
Zero Trust Model 
This model assumes that no device or user is inherently trusted, emphasizing continuous verification.
Cloud and Mobility Considerations 
As more services move to the cloud and remote work becomes prevalent, endpoint security gains prominence.
User Education
Educating users about security practices is essential.
Summary
While perimeter security guards the network’s outer boundaries, endpoint security protects individual devices. A holistic strategy that combines both approaches ensures comprehensive protection against evolving threats. Having a centralized management, security, reporting, and incident alert system can help organizations respond to threats both on-prem and cloud. 

You may also like

Back to Top