Innovation is like entering a romantic relationship. There is both excitement and uncertainty. As enterprises face the new digital battlefield, embracing digital transformation (DX) is often fraught with fear. This is understandable given the unknowns – the unknown of entering unchartered and unproven territory as well as the unknown of the impact of re-inventing business models and processes on staff, customers and partners.
Over the last 12 months, IDC has been emphasising the need for industry incumbents to accelerate DX in the wake of rising competition from the more nimble 3rd Platform startups and tech companies. The ubiquity of devices and services, providing an essential link among people, is eroding traditional boundaries between business and consumers while simultaneously broadening possibilities.
In today’s hyper-competitive market, in which companies must now create, market, manage, and deliver products and services to “digital-first” customers, the pressures on enterprise IT to support the drive for innovation means the three-layer cake of simple, smart and secure.
Indeed, in the midst of innovation possibilities, IT security is, and will remain, of prime importance to all organisations. The expanding amount of distributed corporate applications and data is fertile ground for security breaches and attacks. In tandem, aging IT infrastructure and devices are undeniably strained by the growth of a cloud-based mobile workforce demanding always-on resources. In this environment, it is essential that the enterprise harmonises its path towards digital innovation with emerging security solutions. Properly matching these security priorities with an organisation’s risk tolerance, security program maturity and, crucially, business strategy will optimise innovation and transformation.
IDC predicts that by 2017, one-third of corporate boards will fill a seat with a risk mitigation expert who can provide guidance on data privacy and security initiatives.
The power of digital innovation fundamentally relies on trust. Past successful attacks on retail data information has shown to erode customers’ faith in a business, undermining all other benefits received by business transformation. Beyond this, continued criminal activity related to data breaches have significantly raised interest and awareness in the public on the need for companies to follow proper security protocols. Only a strong security overlay can allow for optimised digital operations and outstanding customer experience to reach their full potential.
In this environment, IDC believes that companies will increasingly elevate the importance of risk mitigation to the highest echelon of the organisation. A primary goal of any organisation is to mitigate risk while maximising digital innovation to generate business value. The change inherent in digital transformation demands that organisations develop and execute sound risk management strategies. The mitigation of risk will carry over to budgeting decisions as well, as IDC believes that by 2016, 25% of large enterprises will make security-related spending decisions based on analytic determinations of risk.
Another security mindset shift is expected. By 2018, 2nd Platform perimeter defences will be surpassed by 3rd Platform-architected, tracers and tethers architecture, creating symbiotic security defences.
DX empowers the user, providing the freedom to work, create, and produce when inspiration strikes.
However, this new paradigm necessarily creates pressure points in the traditional security architecture framework. In response, IDC has identified an evolving security model that moves beyond the past focus on layers and perimeter security. Naming it ‘ tracers and tethers (TnT)’ , this new security model takes a distributed approach, with an emphasis on a hubs-and-spokes architecture. At its core is a strong centralised command and control environment, which stretches out to multiple decentralised sensors and policy enforcement points (PEPs).
Leveraging the capabilities inherent in digital transformation, TnT allows the monitoring (‘tracing’) of credentials, data, and workloads during use and throughout their lifetimes. Further utilising identification, labelling, and contextual mapping techniques to apply policy at relevant PEPs. In this model, cryptographic ‘tethers’ allows remote attestation that validates the integrity of credentials, data, and workloads, using roots of trust like TPMs, secure elements, and HSMs.
TnT’s highly distributed and mesh-like models echo the evolutionary path of IT architecture, which contain temporary zones of trust and where multiple networks, and often hosts, are untrusted. In essence, TnT reframes security from static and focused on networks and hosts to a dynamic, distributed, and credentials-, data-, and workload focused environment. This model provides multiple benefits for today’s digital environment, including creating symbiotic security defences capable of sharing threat indicators across the environment, allowing for real-time updating of policy based on new risk determinations, and adopting policy enforcement at the application level.
The possibilities and innovations inherent in digital transformation are clear. However, only organisations that are pushing to adopt modern security systems that take advantage of the evolving nature of digital IT transformation will find an organisation that reaches has re-invented customer experience, business processes, and its workspace. While there will always be an inherent tension between security needs and innovation, the successful organisation will work to keep the two in balance.
Take the HP Secure Print Analysis at www.hp.com/au/spa or
Contact an HP Printer Security Expert
- 1 800 985 138 (within Australia only)
- Enquiry form