Internal Network and Cloud Security

In addition to securing workstations and servers, you should examine the network itself and any external cloud-based services your users interact with. Even with very secure workstations and servers, most networks have multiple devices that not only connect to them but make the networks work. And as more and more organizations integrate cloud-based services into their normal operation, the scope of the organization grows to include the cloud service providers.

IPv4 versus IPv6

There are many security benefits to using IPv6, as opposed to the more common IPv4 protocol. IPv6 was designed for security and has several built-in security features. Although some IPv6 features, such as end-to-end encryption using IPsec, can be used in IPv4 now, they are retrofitted into IPv4. The same features are native in IPv6 and will likely end up being used more because they are integrated and do not require additional software installation or administration.

IPv6 is much newer and not as well understood as IPv4. IPv6 presents a steeper learning curve to manage, and organizations may find that some legacy applications or hardware do not support it. Most current operating systems support dual-stack IP networking, meaning that they support both IPv4 and IPv6 concurrently. This may be a good interim option for organizations that must evaluate whether all software and hardware will support IPv6. A dual-stack approach lets the organization enjoy the benefits of IPv6, including end-to-end encryption and more secure name resolution, without having to immediately retire components that do not support it.

Cloud Computing

Internal organizational networks no longer provide clear trust boundaries. Before the proliferation of cloud computing, it was easy to define the network perimeter for any network. But today, cloud applications such as Microsoft Office 365 or Salesforce.com are integral parts of an organization’s operations. It is important that all security considerations and reviews include cloud service providers as well.

For example, you must ensure that your cloud service provider supports the level of anti-malware that you require in your own internal network. Likewise, your cloud service provider should at least match your recovery goals. And with respect to practicing the principle of least privilege, cloud service providers should provide enough user accounts to define access to the level of granularity you need to manage your users. In short, your cloud service provider should meet or exceed the security requirements you use for your internal network.

If you determine that your cloud service provider does not meet your minimum security requirements, making changes to meet those requirements may result in changes to your agreement. Those changes may cost you more in service fees. That’s why it is always better to validate security requirements during the negotiation phase, before you sign up for a cloud service provider’s services. Always review your cloud service provider’s Service Level Agreement (SLA) and know what each one promises.
