The Benefits of Simplified Network Security

Networking and infrastructure and operations (I&O) teams often feel that they are facing contradictory challenges. 

They are expected to manually maintain the complex legacy infrastructure that keeps the business running, while also finding capacity and licence to help their organizations innovate at a time of rapid technological change. With Gartner estimating that 50% of organizations have automated less than 25% of their network activities, it is not surprising that teams feel like their workloads are unsustainable – a recent InfoTech survey reported that 70% of I&O teams report moderate or increasing stress in the workplace.

It doesn’t have to be this way. Modern network security solutions such as Security Service Edge (SSE), have the potential to relieve much of the pressure facing networking, infrastructure and operations teams. 

Industry analysts at Forrester put this to the test recently when researchers spoke to  a number of Netskope customers in an attempt to calculate the impact that switching to SSE has had on their team, operations and overall organization. In this post, I’m going to pull out some of the key findings across three areas: reducing operational inefficiencies, minimizing unplanned downtime and improving both security efficacy and user experience.

Escape operational inefficiencies

When I first read Forrester’s research, a clear pattern jumped out. Teams spend far too much time troubleshooting and maintaining fragmented systems with outdated tools. Instead of focusing on strategic tasks, the customers Forrester spoke to were manually updating security policies and patching issues across a segmented network, constantly running at full pace just to keep things functioning.

As one VP of digital experience at a financial services business put it:

“We had a bunch of side networks that were on-premises proxies. They cost a lot to maintain, didn’t always work great, and our visibility into them was terrible…[To resolve issues] we had [phone] bridges between 10 and 20 people from security, network, and all walks of life from support."

That same customer reported that modernizing the network had made a huge difference to these operational pressures. By simplifying and streamlining workflows, they found it was possible to automate a slew of previously manual tasks and processes.

The VP of digital experience went on to explain that now, instead of troubleshooting, their “[internal] resources [that used to cover support] have gone on to different, [higher-value] roles.” The new SSE platform also provided greater visibility, helping teams to uncover security gaps that might otherwise have gone unnoticed.

In fact, Forrester found that businesses using the SSE platform saw, on average, a 30% increase in network and security operations effectiveness compared with their previous environment. As an example, the same interviewee explained how they have been able to automate Virtual Desktop Infrastructure deployments for new hires.

“We can provision regular end users much faster…It [the SSE] does the magic ahead of time, and it doesn’t take any manual intervention to set up.”

The manual work required for recurring updates also reduced, with automated processes for patch updates reducing engineering labor by more than 75%. Effectively, the internal SLA for patches was able to drop from weeks to almost on-demand. One interviewee described the new patching process:

“We have savings in terms of the [overall length of] time it takes to push [the patch] out, and then also the time spent by the engineers has reduced.”

Put simply, networking teams are dealing with fewer issues from week to week, giving them more time to focus on strategic work. One respondent explained: “We’re spending less than two hours a week on anything related to [the SSE], including support.” Another customer said that their list of live issues was reduced from between 30 to 40 on average, to just five.

Avoid unplanned downtime

Any networking professional knows that complexity is a breeding ground for downtime. More tools means more potential points of failure, with a fault in one often triggering an issue that affects multiple systems. When issues occur, teams and vendors chase an optimum “mean-time-to-innocence” (the point at which they can prove the issue isn’t with them) rather than hyperfocusing on a mean-time-to-resolution.

Talking to Forrester, one customer put this in stark terms:

“Prior to [the SSE] our availability was horrific. It was so bad that my CEO had to send emails out to the company [multiple times] … begging people to bear with us.”

Outdated VPNs are often a repeat offender. One company saw a single VPN outage bring down the virtual desktop infrastructure for 2,000 people. But the outage itself is just the start. Tracking down the root cause of these issues is made far harder by poorly integrated and opaque infrastructures without integrated Digital Experience Management. And if you can’t identify the underlying problem quickly, it becomes much harder to resolve any issue in a timeframe that is acceptable to the business. 

Forrester found that companies that have consolidated multiple network security tools into a single SSE platform are able to regain much needed control of, and visibility into, their network and their users. Forrester quantified the impact SSE platform can have, calculating that help desk teams see a 60% reduction in their mean-time-to-resolution (MTTR) of incidents.

Shifting to SSE also led to a 15% reduction in unplanned downtime, while reducing the impact of the downtime incidents that do occur. As one interviewee put it, now“if something [goes] down, it only [impacts] one person [instead of] half of the company.”

Don’t keep choosing between security and performance

Too often, the teams I speak to still feel forced to make trade-offs between user experience and robust security. But the idea that you have to either weaken security controls or deliver poorer user experiences is a false choice – one that tech teams are desperate to move beyond. Asked about their team’s top priorities for network security, one VP of infrastructure at a technology company simply said, “At the end of the day, our number one goal is to secure the endpoints and eliminate friction.” And it is OK for this to be seen as one, unified goal, rather than two conflicting targets. 

Cloud-native SSE solutions make this possible by handling policy enforcement at the network edge, closer to the user. For instance, Netskope’s SSE has 110 data centers globally across 76 different regions, something that is critical to our ability to deliver data encryption and decryption capabilities and fast connection speeds regardless of location. 

Forrester found that companies that have switched to SSE saw demonstrably better security and performance. One senior architecture manager, spoke about their concern about persistent cybercriminals going after their data;“the SSE solution helps us really get a handle on that much, much more effectively.” Overall, teams that switched to SSE saw an 80% reduction in the risk of a severe breach from external attack, and an improved user experience, for example with the time it takes for end users to access supported apps reduced by 50%.

When I talk with networking or infrastructure and operations teams who are struggling with these issues, I try and leave them with a simple message: there is a better way. Your architecture shouldn’t make it harder for you to meet the changing needs of the business, but too often it is doing exactly that.
If you and your team are consistently dealing with the issues I’ve talked about here, my colleagues have put together five quick demos to show how switching to SSE can make a difference. Check out those videos here, or visit Forrester’s website for the full research.