By Amritesh Anand, Associate Vice President - Pre Sales at In2IT Technologies
Data security and data privacy have become increasingly important as the digital world becomes our reality. Laws and regulations have emerged to support this, and every industry now has some form of compliance requirement to keep data safe while maintaining industry standards. Networks and devices can be points of vulnerability that allow bad actors access to data, particularly now as more people are working remotely. A Software-Defined Wide Area Network (SD-WAN) can help organisations to secure both networks and devices to support compliance and ease data security challenges.
A growing body of compliance legislation
With cybercrime continuing to increase exponentially, safeguarding data has become paramount, and many laws are now aimed at ensuring businesses do this while also ensuring data privacy is upheld. Aside from the Protection of Personal Information Act (PoPIA) – which applies to all businesses in South Africa and requires every organisation to take all reasonable steps to safeguard the personal information they are entrusted with – there are several industry-specific laws as well.
For example, the Payment Card Industry Data Security Standard (PCI DSS), the Gramm-Leach-Bliley Act (GLBA) and the Financial Advisory and Intermediary Services (FAIS) Act all provide standards for various aspects of financial services, while the Health Insurance Portability and Accountability Act (HIPAA) applies to all organisations that handle, access, and transmit medical data.
There is also the General Data Protection Regulation (GDPR), which provides similar, if not more stringent, requirements to PoPIA, but is applicable only to organisations that do business in the European Union.
Gaps in organisational defences
As working remotely has become part of the world of work, networks and devices have become points of vulnerability that need to be addressed to ensure compliance and data security. There may also be vulnerabilities in software, firewalls and operating systems, and steps need to be taken to address these, otherwise organisations leave themselves open to potential attack. SD-WAN can assist in addressing many of these challenges.
SD-WAN has numerous default, in-built security parameters. From a cybersecurity perspective, SD-WAN enables secure network policy, segmentation, zero-trust architecture, and security management. It also uses Internet Protocol Security (IPsec) tunnels to transport data across the network, or from device to device, so that this traffic is fully encrypted. This allows SD-WAN solutions to securely connect branches to any application (whether hosted in the data centre or the cloud) across any Wide-Area Network (WAN) connectivity.
One of the features that supports compliance is data plane security, which uses encryption and segmentation to separate each type of traffic for greater control and a reduced compliance scope. This overlay technology helps in segregating traffic to meet compliance requirements, such as segmenting credit card transactions to comply with PCI DSS. There is also control and management-plane security that provides default system security, which includes role-based access control, alarms, user authentication, password controls, roles, and audit logs for change management. This helps broadly across all areas of compliance.
SD-WAN also centralises management and provisioning of the network, making it easier to deploy and maintain policies consistently across the network to ensure all locations are compliant with regulations that organisations follow. Any changes to a policy can be published to all locations from a centralised portal, which reduces the time to implement from days or weeks to minutes. SD-WAN improves overall security posture and helps organisations across all industries to facilitate compliance without increasing overall cost to company.