INTELLIGENT ENTERPRISE SECURITY
Six ways to
secure your
enterprise
during
transformation
While networks are getting overwhelmed
due to mobility, IoT, SDN, cloud, John
Madisson at Fortinet spells out six security
best practices that should not be overlooked.
O
ver the past year there have been
a large number of high profile
security breaches. It is almost like
we have not been investing more time and
money into cybersecurity than ever. But
we have. So, what is going wrong?
The majority of these breaches
have one thing in common. IT teams
are failing to practice basic security
hygiene. Cybercriminals target known
vulnerabilities because they know that
most organisations will have failed to
patch or replace their vulnerable devices.
It is easy to point a finger. But there are
reasons why performing the basics has
gotten away from us. Here are a few:
Networks
IT teams used to have a pretty good handle
on the network. But you can only add so
many new ecosystems to a networked
environment before your IT team is
stretched to the breaking point. SDN,
IoT, private clouds, multi-cloud, shadow
IT, and the list goes on. The amount
of time in the day just spent on digital
transformation activities has eaten away
at any time that used to be available for
things like patching devices.
38
John Madisson is Senior Vice President, Products and Solutions at Fortinet.
Visibility
Dynamic scalability is really a wonderful
thing. But when devices can exist on
your network for only minutes, simply
configuring and coordinating the
application and removal of policies –
especially across multiple hypervisors
– can eat up a lot of IT resources. So,
maintaining a working inventory of things
that need to be patched or updated in such
an environment can be really hard.
Add thousands or millions of new
IoT devices, the ongoing challenge of
BYOD, multiple cloud environments, and
bringing OT online, and it is easy to miss
that device in the corner that desperately
needs an update. But cybercriminals only
need to compromise one device if it is the
right place.
Devices
We need to know what devices and
resources applications can touch, where
the data lives, who has access, and where
the workflows go. Add offline devices,
cloud based software and storage services,
and increasingly, multiple cloud-based
infrastructures, and keeping track of
everything can be a full-time job. But if
you are like most organisations, you did
not get new IT budget to hire an engineer
to do that. And even if you did get budget
for additional security staff, they were
probably assigned the task of just keeping
the network from burning down.
Part of the challenge is that we keep
reinventing the wheel. And it was not a
particularly good wheel to begin with.
Our approach to security has historically
involved buying whatever cool new
security tool was available to plug the
security hole of the day, wherever it
happened to be. Which means that we
have deployed dozens of tools from a
variety of vendors in our networks. And
these tools do not talk to each other or
share information.
Instead, IT teams manage them
through an average of about fourteen
different security consoles, which makes
things like threat correlation nearly
impossible. And then, when we add a new
environment, like SDN or the cloud, we
start all over again, and many times with
different security vendors.
It does not have to be like this. Here
are six things every organisation needs
to consider when approaching security,
Issue 13
INTELLIGENT TECH CHANNELS