DE | English
Modern Workplace Oct 16, 2019

Modern Workplace: Secure? Open? Both!

The classic concept of business IT is based on the image of a company as a fortress. Everything within its walls is trustworthy, everything out-side potentially dangerous. The fortress walls (firewalls) and moats (proxies) protect the company. But not enough. Why? Because we are globally connected, because employees want to and need to work out-side the bounds of the company exactly as they would within the for-tress. The question is how to resolve this dilemma by introducing a Modern Digital Workplace...

Share article

Almost all companies are turning to the cloud as the enabler of their digital transformation. This transformation to cloud-based applications and services, large amounts of data, and machine learning brings about new business models and another way of working. The reasons are compelling: Companies that consistently tackle the digital change gain a competitive edge and stand out against traditional competition. Users and the company as a whole therefore demand productivity everywhere and on any device. This includes access to sensitive company data away from the traditional workstation as well as modern business applications such as legacy applications. The latter were created long before the cloud came into being, and are therefore not programmed and toughened accordingly.

 

Keep control – Accelerate innovation.

The digital transformation only increases the urgency to accelerate innovation in IT departments. Internal IT is a central driver of processes—it’s your IT that facilitates new business models. Cloud and enterprise mobility influence security environments and strategies in many areas including identity management, data security, and application and device management. Processes such as Hybrid Cloud and virtualisation, isolation of services, programs and resources, advanced threat protection, and Software-as-a-Service are just some examples of new and changing tools.

 

With the help of new technologies, the IT organisation is now in the position to create added value while maintaining appropriate control over growing structures. Legacy applications are often specific to enterprises and critical to business because in some circumstances they still need to be used for many years to come, especially in production.

 

Gartner Consulting refers to the strategic route to take as “bimodal IT”—two different speeds and technology approaches that can be used as needed. One element is software provision for the Modern Workplace with its requirements of internet and a modern, highly-mobile way of working. The other is provision of an environment for legacy applications in traditional processes, as isolated as possible by various virtualisation technologies. Bimodal IT can be realised on the basis of a hybrid cloud with corresponding technologies.

 

 

Next-level security.

In addition to new tools, the new technological approaches require organisational and procedural changes. In the past, companies had to continually install new versions of Windows and Office. Patches were run when security problems arose or on a scheduled “patch day”. But no new security features were added until the next version was installed. This gave hackers the opportunity to exploit security vulnerabilities between releases and find weaknesses in the design. Such security weaknesses are especially problematic in this age of advanced persistent threats. Hacker organisations are criminal organisations that want to manipulate systems, steal information, and blackmail companies—that’s their business model. They invest a lot of time and money in their activities.

 

Traditional IT generally defends itself with tactical security solutions that in turn contain more partial solutions. The problem with this variety is that security vulnerabilities across the entire eco-system are caused by solutions designed to solve other vulnerabilities, above all through changes to the operating system. This is aggravated by an overly complex security infrastructure that requires a lot of time and is difficult to manage—not to mention performance limitations and numerous latencies. In order to really secure Modern IT with cloud, mobility, and new requirements, a suitable technological security model needs to be developed and an appropriate security strategy implemented.

 

End-to-end – The Microsoft way.

Microsoft is one of the few companies that can increase your level of security with one holistic security strategy. Why? Because Microsoft has more device telemetry data at its fingertips than any other provider. This data provides Microsoft with detailed insights into the action and methods of attackers in the digital world. Windows 10 architecture also relies on hardening, a security development lifecycle, and type 1 virtualisation with containers and sensors.

 

Because it’s impossible for people alone to evaluate the data constantly captured around the world, Microsoft uses artificial intelligence processes. Thanks to the productivity and affordability of the cloud, Microsoft is in a position to find needles in haystacks: Algorithms search for abnormalities and correlate different information that would otherwise go unnoticed. If the algorithms detect a threat, the response mechanisms kick in and prevent the customer from being compromised. And it’s scalable: The same threat or attack pattern is automatically eliminated for other users too. Additionally, Microsoft is also building its own Cyber Defense Operations Center that provides direct access to thousands of security experts, data analysts, engineers, developers, program managers, and operations specialists, to ensure quick responses and solutions to security threats. Microsoft will thus offer an end-to-end solution approach that is useful both in classic infrastructures and all-cloud architectures.

 

The Windows 10 operating system is a decisive step towards a holistic model. Deployment of older versions of Windows usually required expensive deployment projects. Windows 10 simplifies this process through extensive automation. At the same time, standardisation and application isolation enable an extremely high level of application compatibility. The bottom line is, if Windows 10 is introduced correctly, you need never install another operating system ever again.

thorsten-krueger.png
Thorsten Krüger
Business Manager Consulting Services