by Stefan Dietrich
We are entering a time when network performance and security become critical assets to the enterprise. It is no longer within the territory of individual enterprises, but reaches proportions of larger scale. Overcoming political obstacles to come together for the good of the larger goal has become critical.
The IT leadership team needs a focused plan to regain control from the daily pressures of time, budget, and business demands, and to steer towards, and refocus resources, on the common goal.
Enterprises today are investing significant resources to re-architect their global network infrastructures to reduce operating expenses, to improve performance and agility, and to ensure an excellent user experience for cloud-based applications. Most obstacles encountered are non-technical in nature: business units that want to maintain their autonomy, specific local security or legal constraints, existing legacy infrastructure and artifacts. Add the technical complexities from years of implementations under high time pressure, and the day-to-day challenges of operating within such heterogeneous environments, and you arrive at an ironic situation: managing everyone’s requirements is actually undermining the very security goals you are trying to achieve. It is a vicious cycle, where theoretical, perceived, or widely publicized security threats can drive a mandate for new technical solutions. This in turn increases complexity, resulting in greater vulnerability.
Cutting through the complexity to achieve a simplified and streamlined global network seems impossible – until we consider the lessons offered from real-world politics. The history of creating the European Union shows a model for overcoming parochial self-interests to achieve a stronger community based on common goals.
Business units strive to preserve autonomy for good reasons. They have their P&L targets, and like to operate without interferences and with as few mandated constraints as possible. Local regulatory requirements are often used to emphasize this further, resulting in security rules that reflect interpretations of legal constraints as well as the wish for autonomy. Such security rules prescribe, for example, that traffic between business units – from/to external partners or the Internet – must be isolated, inspected, or firewalled. These rules create complexities that add little to the overall protection of the organization as a whole, and divert resources from working on threat scenarios that would have a much broader impact, e.g. information leakage, reputational and brand damage through social media, or the future ineffectiveness of encryption methods that are still considered today to be “military grade”.
Today businesses call for networks to adapt quickly to changing business requirements and usage patterns. Private and public cloud applications, expansion into emerging markets, cost reductions through hybrid networks, connectivity, and growth of mobile devices all require an unprecedented degree of agility on which network engineering teams need to deliver.
So how do we persuade business units to set aside their individual interests, narrowly defined, to work for the common good of the enterprise? The formation of the European Union is an interesting analogy to consider.
The idea of the European Union dates from 1948 with the Hague Congress, bringing together six founding countries.
In 1957, the Treaty of Rome created the European Economic Community, establishing a customs union. Shortly thereafter, industry forums sprung up, actively promoting and advocating the business benefits of simplified commerce and open borders. Additional treaties and organizations were formed over the following years. New members joined the Union bringing the total membership to 28 countries in 2014.
It became clear that vast simplification of transport systems, customs, controls, rules, and laws was needed for economic growth. In 1985, the ratification of the Schengen Agreement achieved what was believed impossible, simplifying the flows of people, services, and goods. The rules of the Schengen Agreement apply to the needs of enterprise networks.
The Schengen treaty addresses five specific concerns:
Interestingly, the same rules and area apply synergistically for networks.
The technology community seems to be in similar foundation stages as the European union. Industry forums such as the Open Networking User Group (ONUG) have been founded to advocate the benefits of open networking as a catalyst for networking transformation. Led by IT visionaries from the giants in the financial, Internet, retail, and transportation industries, these organizations are driving toward action for the adoption of open “Software-Defined Networking (SDN)” technology standards, committed to expedite the process of open networking, sharing use cases and requirements, and transforming an entire industry by voting with their collective dollar to ensure the user voice is heard.
Using the analogy of the success of the Schengen treaty, with proven principles that are easy to understand and are already validated, provides a simple framework to navigate a political mine field. When implemented, the advantages become clear:
Be realistic, it won’t happen overnight. Not everyone will agree on rules and principles. But remember, there were only six founding members of the EU, and by 2014, 28 states agreed to the same rules seeing the advantages and successes of the overall approach.
And above all remember, it is a political solution you are negotiating, not a technical one! With this approach, we can bring the stakeholders together to enhance the enterprise networks for all users.
To register for ONUG Spring 2014 in New York City, May 5-6 hosted by Citigroup, please click here.
Stefan Dietrich is an advisor to the c-suite on key IT transformation and CIO issues. Between 2006-2012, he was a Managing Director at AXA, one of the largest insurance companies in the world ($46B market capitalization), executing advanced technology strategies on a wide area of IT transformation programs, removing expenses on commodity solutions and aligning technology investments with the business value chain. He holds a Ph.D. in Aerospace Engineering and Computer Science from the University of Stuttgart, Germany. He was formerly a member of the faculty at Sibley School of Aerospace and Mechanical Engineering at Cornell University.