Security has always been a major IT concern, but it was often overshadowed by the race for better performance and more robust infrastructure. While these are still critical variables in the IT equation, virtualization, ease of deployment, software as a service (SaaS), BYOD, and a growing number of cloud tools mean that building out and managing on-premise hardware is increasingly simplified, outsourced, and/or automated.
However, our utter dependence on the Internet and the increasing sophistication of web-based attacks has brought security to the forefront of IT. And while BYOD has reduced workloads related to end user hardware management, it has brought with it a whole host of new concerns related to security. This isn’t just about antivirus software and firewalls. Today’s IT teams are looking at multi-faceted, holistic approach to ensuring the safety and security of networks and the data they store.
Secure the site or move it to the cloud
For large enterprises, an on-premise data center remains a must, even if many services have been moved to the cloud. For smaller businesses, though, which often grow faster than their IT infrastructure, the physical security inherent in a datacenter is often an afterthought. Servers sit in unused closets or under desks. Networking equipment is often exposed and hastily rolled out. Guests, partners, and new users come and go. All of this is a recipe for disaster, whether because of the potential for malicious breaches or because an on-site disaster could be devastating. There’s no xenon fire suppression in a cubicle.
The message then, since disaster recovery and availability is as much a part of security as anything else, is to make a site as secure as possible, invest in off-site backup, and, wherever possible, move services and applications to the cloud. For SMBs, let the datacenter be someone else’s concern.
Stop it at the door
Gateway and network-based security can take many forms but is generally the most effective means for ensuring the safety of on-premise data and devices. Single network appliances can potentially meet the needs of SMBs, but as organizations grow, dedicated hardware serving specific functions will do a better job of absolutely locking down a network. Regardless of exact implementation, IT departments need to roll out services in the following areas:
- Group policies and permission – Logical security is very much a part of all of this and straight-forward tools for managing permissions, logins, etc., are well worth the time it takes to configure and maintain them.
- Firewall – Firewalls are the devices in which many other security services are often converged. The firewall itself, though, needs to keep the bad guys (which often take the form of robots, DDoS attacks, and other automated hacking attempts) out and allow appropriate remote access.
- Content filtering – Content filters aren’t just for keeping users on task. They’re very effective at keeping users away from sites and services that may host malware or that might otherwise compromise the network.
- Bandwidth and application monitoring – These services have two purposes: making sure that bandwidth is available for mission-critical work and detecting excessive use or specific application signatures that may signal malware infection.
- Gateway anti-malware – Appliances and applications now exist that can scan new network nodes for malware before they are allowed on the network. Others simply detect malicious payloads coming from websites, email, and other services.
- Mobile device management – Mobile devices that may contain sensitive data need to be located and/or wiped remotely if lost or stolen.
- Anti-phishing – Phishing attacks are no longer unsophisticated enough that only the very naïve fall for them. Many phishing emails use other malware to access contacts and user information to look extremely legitimate.
Yes, we still need antivirus (and much more)
While gateway anti-malware is often more effective than desktop software, devices that access the Internet while they are off the network still need robust anti-malware software. It’s also an important second line of defense for devices that stay onsite.
Train your users
Finally, user training is critical. Even savvy users sometimes do dumb things and engage in risky online behavior. Their good sense and effective training is the final line of defense against malware and would-be attackers.
Winning the arms race
Ensuring network security isn’t about any single solution. It’s about investing in holistic solutions that address a variety of security concerns. While the Cold War arms race was about “mutually assured self destruction”, the IT security arms race involves staying one step ahead of would be attackers, no matter how they might attempt to access your network and data or what sort of disaster might strike.