You may have heard about zero mail - I would now like to introduce you to the “Zero Network”. Unlike zero mail, the Zero Network is not an official Atos term; it’s my own invention (probably simultaneously coined by others too, I’m sure, but this is my claim to ownership!)
For a long time I have tried to persuade my networking colleagues that we will eventually see the demise of the corporate network. Many businesses have built up large sprawling estates – premises, offices, assets, datacentres and interconnecting communications systems. Often these extend around the world, and we have put up walls (real and virtual) to protect those assets, and the data they contain. Those walls need to envelope our entire interconnected corporate landscape – providing security and control around every end point, every building, and (to the point of this article) all of those wires connecting everything together. “No way”, my networking friends say, “we need our corporate network”!
We put all of this communications infrastructure in place because we want to reduce the risk of breaks in connectivity and potential security incidents as (we think) we are in control it all, and we can therefore protect our environment. But in today’s world I’m saying now that this is impractical; and expensive; and unnecessary. Why? A whole host of reasons. Here are some examples …
- Laptops for one thing. Old technology now, and whilst they do have their own security features, such as disk encryption, they’re disconnected from the core corporate systems – and often plugged in elsewhere too.
- The new norm is the tablet – connecting to random wireless networks on the move, then reconnecting back at base.
- Smart phones – increasingly sophisticated, with the ability to connect to our corporate systems and services. That’s a new access route to our corporate information.
- Employees accessing corporate systems in other ways – from home, from their own machines, for instance.
- Cloud Computing – we’re going to use many different cloud instantiations in future and we’ll need to orchestrate workloads between them. Can we extend our security envelope around all of the Cloud service provider infrastructures too? Not in the same way, I’d suggest.
- Temporary offices – as our businesses become more agile and enter new markets or geographies.
- Contract working – packages of work subcontracted to other businesses or individuals. Providing access only to relevant data without (potentially) compromising other information.
Maintaining one (or more) expansive corporate networks and associated security footprint across our increasingly diverse infrastructures, and coping with the above, leads to massive complexity and many barriers. And these are barriers to productivity, not only in the management of all of that complexity (and the underlying technical “stuff”), but in the productivity of every employee of the company who has to wrestle with the IT infrastructure to do their work.
My vision, therefore, is that the corporate network will … well, okay not entirely, but almost … disappear. Imagine it splitting up and shrinking in size so that it only exists in those places where it really needs to be. Perhaps just covering some key locations, the data centres and in a virtual way the end points that employees use to access the corporate information. Where it doesn’t need to be is all over that interconnecting sinew. Nor in the many corporate workplaces where people often congregate.
What do we need to enable this to happen? Two things spring to mind:
1. A security solution that enables access to information from anywhere and by any means. So that approved, authenticated users (and they alone) can access the corporate information they need. I’ll leave Identity and Access Management there, but that’s a key enabler.
2. Sufficient reliability in the now non-corporate connectivity to enable sustained access to our systems. We’re surely almost there now. Multiple forms of internetworking (and specifically Internet) access are available; ADSL, SDSL, Fibre connectivity solutions, 3G, 4G, WiFi ... We just need to make sure our corporate data is resiliently (and securely) made available to those access mechanisms.
So point 2 is where I’m going with this post. We can now begin to exploit all types of non-corporate network connectivity when building our technical solutions to meet business requirements. Are you ready for it yet? Not everyone is, and it’s not appropriate for every business situation; I realise that.
In previous blog posts we’ve talked about BYO (Bring Your Own devices). One prerequisite for consumerisation (and BYO) is to exploit the use of network infrastructure that is not part of a controlled corporate environment. It’s the information that matters; let’s shrink the corporate network as far as we can … so that it covers just that core business information, and no more.
Reduced complexity ... Reduced cost … Improved productivity ...
… Welcome to the Zero Network.