Shifting from a Control to a Risk Mindset

The modern CIO has to understand where the business is trying to go, because if a business isn’t growing, it’s dying and everyone out there knows that they’re at threat from digital companies. Larry Biagini
Former Group CIO, General Electric

Former GE VP and CTO Larry Biagini helped oversee the multinational corporation’s journey to a secure cloud environment. GE needed to support remote app access across its widely-distributed workforce, shift to local internet breakouts, improve user experience, and better-manage its employees’ cloud activity. Among other mandates, Biagini and team established a new user-specific authentication model, set data centers as cloud destinations, evangelized a cloud-native app-development culture, and moved from a control-based to a risk-based IT framework.

In little time, GE had retired its VPN and MPLS technologies, and, as Biagini puts it, gotten “out of the data center business.” GE reduced costs and improved user experience, improving mobile-device access and facilitating direct-to-cloud connectivity. Security improved with Zscaler’s “follow-the-user” security policy and coverage.

Company: General Electric
Sector: Conglomerate
Driver: Larry Biagini
Role: Former VP and CTO
Revenue: $122 billion
Employees: 300,000
Countries: 170
Locations: 8,000
Company IT Footprint: General Electric is a global name and has been an icon of technology innovation for well over a century. At the time of writing, there were about 9,000 IT employees and another 15,000 contractors at GE. GE maintained an application portfolio of around 8,000 applications distributed across 45,000 compute nodes. GE’s IT infrastructure was spread across 300,000 employees who sat in 170 countries around the world.

Support remote app access across widely-distributed workforce

Implement direct-to-internet connectivity

Deliver a rich user experience while maintaining visibility

Manage, improve visibility of employee cloud activity

Shift from protecting network to protecting users:

  • Eliminate the distinction between inside and outside the network
  • Move security to the cloud
  • Establish a user-specific authentication model

Connect users to applications, not networks

Make data centers direct-connect destinations within the cloud infrastructure

Build cloud-native app development mentality

Move from control- to risk-based framework

Reduced costs: retired VPNs, lower MPLS costs, getting out of the data center business

Normalized mobile-device access

All 340K GE employees protected by Zscaler

3000 branches direct-to-cloud by 2020

“Follow-the-user” security policy and coverage

Consolidated DMZ security vendors — yielding 66% support resource efficiencies