I am currently in the middle of a work project that continues to get more and more complicated and that has me somewhat frustrated. We have a number of groups that we want to onboard to our data platform. Back when I first started my career, that could be as simple as giving someone a user name and password. Thanks to hackers and everyone discovering that data is more valuable than gold, we have had to engineer safeguards to keep our data from falling into the wrong hands.
One of the first barriers we created is locking down the network. We have a system where users of our data platform have to be on our internal network before they can even log in. That is a good start but it is not foolproof. Someone can spoof IP addresses and make it look like they are on our network and so there are several other precautions we have taken to keep bad actors out of our data.
Sony is a large company and sometimes we purchase smaller ones. I am working with a recent acquisition and their network does not meet the company's high standards and so we need them to log into our network. At first I thought it would be as simple as having them log into our virtual private network or VPN. That sounds great except it also opens a number of security vulnerabilities. Instead we need them to log into a virtual desktop interface or VDI. This is the equivalent of logging into a new desktop computer. That allows us to tightly control what software is allowed on it and instantly wipe the computer clean should we discover a security breech. This extra VDI is turning into a major issue for me as I have to support getting all of the new users onboarded and figuring out who to charge for it.
Once I get everything working, I will still have other issues to work through. Using an extra VDI has the potential to slow things down. It also creates a layer of complexity. Imagine downloading a document. While you think it may be on your local machine, it actually resides on the VDI. If you need to get it to your laptop, there is an extra download step. Sometimes it gets confusing and people give up trying to get things to work.
Ultimately today's computing environments require vigilance when it comes to security. The downside is that solutions become more complicated. The upside is your data remains safe and that makes the extra precautions necessary.
