Intelligent Tech Channels Issue 17 | Page 39

INTELLIGENT ENTERPRISE SECURITY
Visibility Develop a clear picture of the key assets you have , where they are located , who has access to them , identify the most critical assets . In the digital age , data is king so knowing which devices have access to your data is key . Note that data is not just the domain of the large enterprise , but a reality for every size and type of organisation . This assessment will lead to you the determination of what makes up your organisation .
Architecture With the proliferation of IoT , adoption of BYOD , growth in use of virtualised environments , and adoption of public and private cloud infrastructures – all require that you step back and examine how you architected your core network .
Focus on the outcomes you desire while you examine the architecture : is your network architected to maximise availability and ensure continuity even if it is under attack , have you secured your data paths to make sure you are protecting every known avenue that can be used to steal that data , does your protection extend to the physical and virtual elements in your network ?
Inventory Technology is a key element to addressing security challenges , but technology is part of the solution . People and processes play an equally important role in maintaining a robust security posture . Developing an understanding of how sensitive information is handled , who has access to sensitive information , your internal policies on how you treat sensitive data , policy enforcement mechanisms and ongoing training of personnel handling sensitive data must be part of the overall solution .
Basics Often organisations invest in the latest and greatest technology and buzz word driven solutions . Sometimes there is a perceived correlation between high-end solution and impact . But there is a difference between perception and reality . Organisations must start with the basics .
Mohammad Jamal Tabbara , Senior Systems Engineer UAE and Channel , Infoblox .

Organisations have migrated from having tightly controlled networks with endpoints , to one where the definition of an endpoint is changing .

Practices Like I said above , people and process are a critical component of addressing your security posture . Make sure you have instituted best practices around passwords , patching your systems with the latest updates and keeping up to date with your hardware and software .
Core Organisations that have adopted a defense in-depth approach have done so for several critical applications like e-mail , web traffic and endpoints . Often , they ignore the core of their network – the basic systems that allow access to applications and services on their network . In other words , core elements like DNS , DHCP and IP address management , often referred to as DDI .
Get help Too often organisations rely on internal expertise , but budget constraints and the availability of trained security experts constrain their ability to have the extensive coverage they need . Help comes in many forms , technology and external expertise .
Augmenting the team ’ s skill sets with the latest development in technology that allows automation and leverages machine learning to drive better insight into threats is key . Relying on security expertise from organisations that specialise in security is often underutilised .
Unify Make sure that all the elements of your defense in depth approach work in unison . This means that when one system sees a vulnerability that information should be shared with the other parts of the infrastructure . Whether that information is an indicator of compromise or threat intelligence , the information should be shared .
For example , if your DDI infrastructure identifies a new device on the network , that information should be shared with a Vulnerability Scanner so it can scan the device to ensure its integrity . While the information in isolation is useful a new device on the network it is becomes actionable and more impactful when it is shared with other parts of your infrastructure .
Of course , this requires that the vendors you select have an open approach and have built their products with the ability to share information with other parts of your infrastructure . •
39