A Fresh Perspective on Enterprise Security

Businesses need to evaluate and take a fresh look at their enterprise network security, ensuring it is effective while maximizing their ROI by protecting both the network infrastructure and its end users with user-centric security.

“The Alcatel-Lucent Security Blueprint helps you to secure voice and data while maximizing your employee productivity by removing threats to your networks and applications”

To date, security teams have focused on building network perimeters and securing each application individually to mixed success. IT departments have spent a lot of time and effort on a defensive and perimeter-centric approach to keep cyber criminals and malware off of the enterprise network. However, sometimes these security-related efforts have made it more difficult for employees to do their jobs and for the enterprise to be competitive.

The reality of current approaches to application security is that any one application alone does not have a complete picture of what a user is attempting to do while connected to the corporate network. Therefore, despite all the efforts to build security into applications there are still many breaches.

In addition, despite all of the industry standardization around security for applications and networks, the operational side of security carries large costs and still leaves large gaps for many enterprises, especially when the need to be compliant with new pieces of legislation is factored into the mix.

User-centric security

Enterprises need a fresh perspective on enterprise security for it to be effective and to maximize their ROI. Enterprise security must be adapted to protect both the network infrastructure and its end users with user-centric security delivered from within the network.

By using this approach, enterprise security is more dynamic. It ensures security mechanisms evolve to protect the enterprise against new threats that continue to emerge at an ever increasing rate. And it can ensure that as security events occur, the security infrastructure can make automatic adjustments to policies, significantly reducing security risks in the future.

With user-centric security enterprises can also retain a level of openness. They can ensure business processes are able to function as efficiently as possible because security does not get in the way of the users. This also means that the interfaces are open and enable secure connections with cloud computing platforms, with Web 2.0 platforms and with external business partners, whenever required.

Trusted dynamic enterprise

With user-centric security a dynamic enterprise becomes a trusted, dynamic enterprise for:

• Employees – by surrounding them with security to ensure they are protected and enabled to carry out their expected role efficiently

• Business partners – by ensuring all information and shared business processes are secured so they can be sure the risk they take in "connecting electronically" with the enterprise is minimized

• Customers – by ensuring all private information will remain secure and thereby minimizing the risk of doing business with the enterprise

To make these possible, enterprises must change how they view, adopt and measure security. They must view security as a positive enabler and a dynamic, integral, part of the enterprise with a focus on managing risk, protecting data and controlling cost, rather than as a static add on.

Managing risk ensures reduced risk of external intrusion and Internet-based attacks with always on, persistent security, increased visibility on enterprise security risk profiles, and demonstrated and enforced compliance.

Protecting data delivers a controlled information flow and non-repudiation for transactions with security extended to remote and mobile workers, and preempted internal fraud and information breaches.

Controlling costs brings improved productivity with transparent security, enabling improved access to information and services, enhanced security that leverages existing infrastructure, and reduced security operations costs with centralized management.

The end result is a trusted, dynamic enterprise with open and secure interfaces to communications, data and services that enable the enterprise to take advantage of new collaborative business models.

The enterprise is protected against new threats, protects private data, and complies with governance requirements.

The User Centric Security Blueprint

A user centric security blueprint enables transformation to a trusted, dynamic enterprise. It ensures efficiency for enterprises as they make this transformation by taking advantage of the latest security solutions to drive business performance. At the same time, enterprises manage risk, protect private data, and are compliant. With the blueprint, enterprises can satisfy the demands of employees, business partners, and customers for always-on, always available voice and data applications that can be accessed from anywhere and at any time.

The blueprint looks at security for the enterprise as being delivered from within the network to protect across networks, people, processes and knowledge. Following the blueprint allows the enterprise to benefit from:

• A network – that is user-aware and provides security for voice, data and mobility, and enables compliance with policy enforcement and audit

• People – securely collaborating across organizational boundaries, leveraging business-to-business relationships, Web 2.0, and cloud computing without security-imposed human productivity barriers

• Processes – that are agile, automated and secured with always-on security

• Knowledge – in the form of private data that is protected, and any knowledge sharing that is secured

The user centric security blueprint prescribes a global, corporate-wide security infrastructure that provides a consistent application of security across the entire corporation. At the same time it includes the separation of security from endpoints and applications, and development of an independent chain of control for security, regardless of the endpoints to be protected. Most importantly, it mandates always-on and highly available security that is transparent to the end user.

The user-centric security blueprint for transforming to a trusted dynamic enterprise is intended for enterprises of all sizes. It covers the need for security to extend beyond the physical borders of each enterprise site as enterprise perimeters become virtualized. Enterprise security must enable a secured internal environment for the global enterprise that connects all sites and includes secured access to service providers, cloud-based services, and remote locations visited by employees. This blueprint describes the elements require to:

• Secure the voice and data fabric of the network given new requirements for security
• Truly empower the employees of the enterprise to maximize productivity
• Drive down the cost of securing the enterprise
• Deliver the information concerning security that must be managed

For more information on how to apply the user-centric security blueprint, visit: http://enterprise.alcatel-lucent.com/?solution=Security&page=Homepage