Recently, a Fortune 500 customer asked us to migrate 5 million lines of URL policies into our cloud solution. This configuration included frequently used websites like Office.com, Linkedin.com, and Box.com as well as hundreds of other URLs and domains that were no longer reachable or registered anymore.
Our first question to the customer was, “Help us understand why you would want to do that?”, in the context of migrating their entire configuration. The reality is that enterprises are not always aware of the latest capabilities of technology, especially when it comes to a fast-paced environment like cloud. After all, you are running a business, not building computer security systems.
Chances are you still have a massive stack of security equipment in your HQ, data centers, and branch offices. Have you paused to ask yourself why? Our internal research has shown large enterprises use and support security equipment from an average of 35 different vendors across the Global 2000. Taking into consideration that the majority of your workforce is now remote (and will be for a while to come), have you wondered why you are still maintaining a legacy VPN technology that backhauls traffic to your offices and consumes additional bandwidth? In your security stack, there is a high probability that you have one or many proxy servers, in some cases, this is the only way to the internet for your employees. Is this architecture still relevant for your business today? Or, are you trying to fit legacy technology into a cloud world?
In today’s organizations, large enterprises have more than 2000 applications and 85% of them are in the cloud. The move to cloud computing has been driven by global accessibility, higher availability, predictable costs, and better performance. Your applications from email (O365/G Suite) to sales (SFDC) to HR (Workday) to helpdesk (ServiceNow/Zendesk/Jira) and collaboration (Slack, Teams, Confluence) are all now hosted in the cloud. Users are accessing these applications in “direct-to-net” and “direct-to-cloud” fashion. Legacy, on-premises solutions like proxy servers have no visibility to any of these applications. Next generation firewalls are also completely blind to this traffic and provide no security which ironically now makes them a legacy solution, despite the “next generation” moniker.
This leads to the next couple of questions we asked:
- Do your security controls follow your users at home, at coffee shops, at airports, at shared office spaces?
- Have you dramatically changed the technology you use to secure your business and your employees in the age of cloud?
While the global pandemic will eventually subside, the cloud is here to stay. The pandemic has accelerated the adoption of cloud for even the most conservative of enterprises.
It’s time to focus on the way forward.
The migration from on-premises proxy servers to a true cloud solution
For today’s discussion, let’s focus on proxy servers. We could talk about the entire security stack that large enterprises have, but that is a very broad topic and one that is best broken into pieces to make it easier to digest.
Why are we focusing on the proxy? Because companies have been relying on proxy servers for years to provide visibility, reporting, and control over their users’ web activities. But in the era of cloud applications, they simply cannot provide what organizations need. Proxies were designed and built in a pre-cloud era. They were not built for users who are remote and accessing applications hosted in the cloud directly. Also, proxies were not designed to understand the language of the cloud applications (API/JSON/tenants/instances). Applications are written