Our Roundtable Sessions are invite-only events hosted by peers for peers that bring together a select group of senior IT leaders from across industries for topic-driven, intimate dialog on current trends and topics. We hosted this Session featuring a group of CXOs and other IT executives. The group met remotely to discuss micro-segmentation and why it is important on an open campus network, led by the VP and CIO for a private Ivy League research university. This Session was sponsored by WootCloud.
The micro-segmentation solutions market is projected to grow by $2.88 billion by 2025. Organizations of all types seem to be moving toward various levels of network segmentation, but it is a gradual process. Micro-segmentation takes segmenting a network to the next level.
It became clear that the definition of micro-segmentation, and how it differs from segmentation, was vague to some attendees. For example, when asked if micro-segmentation was being implemented at his organization, one attendee said, "We are segmenting, but it depends on how you define micro-segmenting." Others echoed that question, so it became apparent that micro-segmentation needs a clear definition before organizations can implement it effectively.
Essentially, micro-segmentation is next-level segmentation, dividing the network into micro-blocks, as one attendee stated. It is segmenting all the way down to devices so that the state of each endpoint is monitored. With micro-segmenting, you can see everything that is coming into your network and precisely where it is going so that you can manage issues on those micro-levels. As one attendee stated, "It goes right down to the device because we're looking at it as we want the campus to be self-aware. And that is informing us as to the state of each of the devices and what's the state that they're operating in so that if it changes state, it can give information back as to why did this professor's laptop suddenly start doing these things when it's never done this before?"
In terms of security, "you can't have all these devices floating around on an open campus network." With micro-segmentation, you can see every access to each micro-segment and how that segment behaves, and you can fix that segment or device without taking down the whole campus. More complex devices are creating a challenge. The goal is a seamless networking environment that still gets the security that comes from micro-segmenting. AI can detect and fix segment issues, but you must know what AI is doing on your network.
Once the definition of micro-segmentation was clear to all, the discussion turned to how to get buy-in from stakeholders to implement the solution. Buy-in starts from the top down, but you must sell the solution at all levels. Attendees noted that faculty members don't understand that you can't just have an open network and let anybody in – they just want it to work. One attendee showed faculty the statistics on how many times the system was compromised in the first 24 hours before solutions were implemented. One participant said that for measuring success, "there's the amount of data that you're going to get from the journey, and then just how everything works." Other suggestions were "Selling it as a way to keep your business secure and therefore help you run your business" and "Security is a service, and micro-segmentation allows you to control security proactively."