Is Encrypted Connectivity the Future of Cloud Security?

Michael Ritter
Person with hands raised on grass

Data security has become the key concern of businesses everywhere. Following last year’s high-profile breaches and the damage to reputation and revenue caused by the fallout, enterprises across the world are waking up to the fact that their networks are fundamentally insecure. For IT operators in all major organizations, protecting the integrity of their network is now the most significant challenge. They know that attacks can come from any direction, including from cybercriminals and secret service organizations who may be hacking into portals to steal data or simply eavesdropping on data sent over WANs to collect information such as unencrypted passwords.

The other growing trend is to finally focus on protecting data as it moves outside the walls of organizations and data centers. Until recently, little was done to secure the highways that data travels on to get into the cloud and back to the owner. Now enterprises are demanding end-to-end security and providers are starting to offer solutions that go beyond securing data at rest.

Rising concern about cybersecurity is one of the key reasons for the growth in secure managed services. For businesses, leasing encrypted connectivity straight from communication service providers (CSPs) also makes a lot of sense for efficiency and scalability reasons. With secure managed services, businesses can not only improve their network security but they can leverage protection lower down in the OSI stack, which is faster and simpler to manage compared to traditional Layer 3 IPsec encryption.

Choosing which network layer to encrypt is the key factor. Whether transporting over a public or service provider network, traditional security measures generally involve IPSec data protection at Layer 3. For a long time this worked well for low-speed connections with no particular requirements regarding latency and performance. However, as businesses move more data to the cloud and as they look to utilize more bandwidth-intensive applications, low latency and high throughput become essential requirements.

Layer 3 IPsec encryption is no longer the best fit when networks need high capacity and performance. This traditional method is fine for transmitting secure private information but, in order to offer services involving multi-media, synchronous remote storage or high-performance computing, Layer 3 is simply not up to the job. That’s when encryption at Layer 1 and 2 become viable alternatives. And this lower layer security is precisely what many CSPs are now offering as an incremental component of their security services portfolio.

It’s no surprise that secure managed services are becoming more popular. For providers, being able to offer encrypted connectivity is a clear path to new revenue streams. For enterprises, the integration of encryption and connectivity technology means they no longer have to deal with an additional third-party or install, operate and troubleshoot the encryption function on their own. Encryption technology integrated into the connectivity solution is easier to operate and it delivers lower CAPEX than separated network and encryption appliance gear. This approach also helps businesses to source WAN-related connectivity products and technologies from a single source.

I’ve seen first-hand that this shift is gathering pace. Businesses are definitely wiser about cyberthreats. They know that trust and often legal compliance depend on harnessing the most comprehensive security measures available and that means protecting data in motion deep down in the network stack. I know from working with CSP customers of the ADVA ConnectGuard™ security suite that, when providers can offer their clients managed services with protection at the data-link and physical layers, it opens up a lot of opportunities.

This is a market that looks certain to grow and evolve in the near future as enterprises demand stronger security strategies while making more use of the cloud and high-performance applications. For CSPs it’s a way to increase customer retention as they offer more tailored services. For enterprises it ensures that data and reputations are safeguarded and increasingly stringent regulations are met. What it’s going to mean for the IT integrators who historically provided this business segment is less clear. But secure connectivity with in-flight encryption at the crucial lowest network layers looks certain to be the first choice for businesses in the future.

Related articles