Lumen advances 5G technology with a simplified, holistic cybersecurity mindset

A commitment to 5G security

Lumen believes people are at their best when we use innovative technologies to advance how we live and work. That’s why the technology giant strives to deliver amazing customer experiences with networking, cloud, and security solutions that underpin next-generation business applications. As it works to further human progress through technology, Lumen is focused on protecting and maintaining data with care. It selected a suite of Microsoft tools, including Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra, to uphold its commitment to high security and compliance. 

Based in Monroe, Louisiana, Lumen has 38,000 employees and a global reach. It’s transforming from a traditional telecommunications company into a technology company with improved user experiences, a high level of security, and more efficient operations. 

This transformation comes as Lumen is also contributing to a transformation in connectivity by leading the implementation of 5G mobile networks through fiber connections to towers. As part of this effort, the company takes the security principles it applies at the physical network layer and works with wireless network partners to apply the same concepts and principles to 5G. Because Lumen works with federal agencies, it has stringent security and compliance requirements around how it provides such services. 

“We’re rolling out many of the things that make 5G happen,” says Sibito Morley, Senior Vice President and Chief Data Officer at Lumen. “That’s our business, and it doesn’t matter whether data travels wirelessly or via a physical wire. We must effectively secure the data by connecting who people are to what they do, ensuring that they have the right access at the right time.” 

Technology fit for a transformation

As Lumen embarked on its technology transformation journey and started taking on 5G implementation, it began examining its responsibilities to protect and manage data. It wanted to meet those responsibilities without pushing complexity onto employees, partners, or customers. Like many other companies with a global footprint, Lumen faces the challenge of balancing the business need to access data with the legal need to ensure that access is appropriate. 

As both a lawyer and technologist, Morley understands this tension all too well. Together with his partners in Legal and Information Security, they oversee identity, security, and compliance within Lumen, where he uses his legal and technical experience to support priorities such as records retention, identity management, and data governance. 

”Security and compliance are essential to doing business,” Morley says. “If our goal is to use data and technology to improve the lives of the people we interact with, whether it be customers or partners, then our responsibility to protect and treat that data appropriately is commensurate with the opportunity to serve them.” 

Morley and Lumen’s IT team of around 1,200 people needed to address several challenges as they thought about how to protect and manage data. Lumen is implementing a hybrid cloud strategy and migrating from on-premises environments to the public cloud, so it needs to be able to safeguard all of its data regardless of where it’s located. To do this, the company is modernizing many of the long-standing systems it collected through many mergers and acquisitions. This streamlines operations while simultaneously providing the visibility and insights necessary to help protect data from emerging risks. 

To reduce the complexity of compliance and data management across its enterprise, Lumen wanted to avoid treating identity, governance, and security as separate issues. The company needed a scalable way to tie together people’s identities with their roles to manage them with automation wherever possible. Morley and his team also needed a solution that can be applied consistently wherever data resides, which is especially important as Lumen pursues a hybrid multicloud strategy. “Many of the emerging compliance standards require us to monitor and report where data is located,” Morley says. “We need proper control of our data, regardless of where it is or goes.” 

Simplified identity and compliance

Morley and his team picked a suite of Microsoft products to address identity and compliance in a complementary way, meeting both the technical and legal standards that Lumen takes pride in upholding. At the heart of their strategy was creating an environment that’s highly secure and effective for its millions of internal and external users to easily accomplish what they need to do, while keeping in place the needed controls and regulatory aspects. 

“With Microsoft, we’ve built control-panel visibility across environments that allows us to go from only being compliant to creating a better experience around compliance,” Morley says. “We’re even more competitive now as a provider because we can ensure compliant, highly secure services that are also simpler and more efficient.” 

Lumen uses Azure AD to help secure access to data with strong authentication, create a fast sign-in experience for users, manage all identities and access in a central location, and simplify identity governance through automation so only authorized users have access. The company uses Azure AD in the cloud and on-premises Active Directory for single sign-on, multifactor authentication, and Conditional Access. With the Entra family of products, Lumen can manage all users in both cloud-hosted and on-premises apps. Lumen combines Azure AD and on-premises Active Directory with Azure Active Directory External Identities to create highly secure digital experiences for both internal and external users. 

Lumen applies a Zero Trust framework when building its strategy for these tools. The Zero Trust framework requires the team to always assume breach, so it creates controls to explicitly verify each user and use least-privileged access. By using Microsoft products to apply these principles, Lumen can provide a highly secure, role-based experience to users across different environments. 

To strengthen its security posture and defend against a wide range of threats, Lumen uses the Microsoft Defender suite of products. It unifies data governance and creates a holistic map of its data landscape with automated data discovery, sensitive-data classification, and end-to-end data lineage capabilities in Microsoft Purview. 

A data-centric approach

With its new collection of identity and governance tools in place, Lumen can focus on safeguarding data across the company rather than worrying about specific apps. Lumen brought together its identity and compliance strategies so that it doesn’t matter where work gets done if there’s appropriate access to data regardless of where it’s located. 

“We use Azure AD and other connected Microsoft tools to gain transparency and then use automation to give us confidence that we’re actively safeguarding our data,” Morley says. “It’s a belt-and-suspenders approach. We use Azure AD to proactively manage access provisioning in alignment with our application and organizational strategies. We also use Microsoft 365 E5 to combine machine learning and AI to continuously learn about our data and classify it. This combination provides the powerful enterprise governance capabilities that are necessary for businesses today.” 

By simplifying identity, Lumen has made it easier for employees to work more securely and collaborate effectively with customers so that they can rapidly innovate together for the 5G transition and beyond. Simpler identity solutions affect everything from employees’ onboarding experiences to how they engage with applications day to day. 

Continued innovation

Lumen’s IT team can reinvest its efforts elsewhere as security becomes more streamlined and automated. With the peace of mind that comes from a comprehensive solution covering security, compliance, and identity, the company is free to grow, create, and innovate. 

“We’re driving more efficient operations and simplifying our security regimen with Microsoft’s solutions,” Morley says. “We’re using the energy we previously spent managing disparate sets of technologies to really focus on how we drive innovation. We can think through how we drive a better outcome in terms of experience and how we help our employees do their jobs better.” 

Morley notes that it’s almost impossible to quantify what that means for potential revenue increases and time, effort, and cost reductions. “It has a multiplier effect on our success as a business, and I do sleep better at night,” he concludes. 

Find out more about Lumen on Twitter, Facebook, and LinkedIn.