IT is a revolving door of change. While most industries have had to get on board with the digital revolution, few have actually had to be the ones to underpin it all. The best and most expensive applications in the world are next to useless if the networks supporting them all aren’t resilient, reliable and configured for change. Here I take a look at the importance of securing your network, as well as the key to making the most of the relationship with your service provider. So what do you need to know and where is this rapidly evolving area of IT heading in the future?
As with most valuable assets, protecting your network is just as important as installing it in the first place. As the complexities of networks have evolved, so too have the malicious ways to infiltrate them. Luckily, the expanding choice of security solutions now goes beyond traditional firewalls and Unified Threat Management (UTM) appliances, with the introduction of next generation firewalls (NGFs).
Traditional firewalls used to block everything out based on port configurations, but NGFs operate on a more sophisticated level because both the applications running over networks and the security required to manage them have evolved exponentially. New firewalls are smart, granular and manage security based on the characteristics of the applications, rather than the set-up of the ports – ensuring greater protection.
Chat through your specific needs with your provider though; after all, there’s no need to use a sledgehammer to crack a nut. Sometimes a UTM solution is more applicable, or even a basic firewall for specific areas of the business.
First and foremost, understand what services are most critical to your business. Is it an e-Commerce website that accounts for 90% of revenue or is it a VoIP network? Is it the CRM in a call centre, so would have an instantly noticeable effect on the customer experience and the productivity of the business if it failed? Whatever it is, understand the level of criticality and impact if you had to go without it, so that the risk associated can be quantified.
After the most critical, outline a sliding scale of other ‘services’ within your business to prioritise and apply an appropriate level of security. For example, a single internal web server that hosts a system for booking staff holidays has a relatively low criticality to the business when compared to the examples above, but would you want it to still be without a firewall?
Certainly not. However, it also doesn’t need a DDoS solution or a NGF. A one-dimensional approach to security will always fail, whether it be a NGF or otherwise. Success requires defence in depth and focus on the important areas. As well as setting policies by application, effective security needs to understand what typical behaviour for your network is.
Know Your Network
Before you can acknowledge that there is an issue, you first have to know what is ‘normal’ for your particular network. For example – what are the typical traffic flows across the network? What external IP address ranges do you normally communicate with? What are the typical peaks and troughs of traffic over a certain period? It is essential to then have integrated technology platforms that understand this baseline and can also highlight when there is an anomaly to the rule. Once there is an understanding of the ‘normal’ state of your business, it is much easier to understand the most cost effective and efficient way to manage each area of the network.
The involvement of a trusted managed service provider with dedicated skills in security and networking is key if you are looking to outsource some of the more critical areas of network management. Develop a trusted relationship with your provider to fully understand where each other’s responsibilities start and finish. Clearly-defined admin responsibilities often result in reduced workloads internally, allowing your in-house IT staff to pass on the time-consuming niggly IT jobs and free up time to look at ways to innovate IT processes and gain a competitive edge.
Get An App For That
There’s no denying that the emergence of the internet has revolutionised business, with multiple corporate applications used within a business now run over the web. All web-based applications use the same port on a firewall, with encryption embedded within the application. Each app will contain different potential threats and traditional firewalls are not sophisticated enough to define these differences, so are unable to run web-based applications safely. Only a NGF is capable of detecting and neutralising each of these potentially damaging threats efficiently and effectively.
Every Day Is School Day
Being part of a rapidly evolving profession means that resting on your laurels when it comes to industry knowledge really isn’t an option. ISO, PCI, Data Leak Prevention – they are all absolute ‘must knows’ for today’s IT manager. Data is now a company’s most valuable currency – and it needs to be protected both inside and outside of the organisation. If staff are sending sensitive data externally (which they will be), how do you track and manage that information trail? These considerations need to be front of mind in an age where transferring data from device to device is as simple as it is dangerous.
If it seems daunting to take on this level of responsibility, there’s always the option of outsourcing it to a third party. Choose a managed service provider well-versed in PCI compliance and MPLS expertise. This is vital if you are in retail or financial services to avoid the adverse impact of a loss of credit card data or being on the wrong end of a hefty compliance fine.
Networking with your peers is also important – keeping ideas fresh and a having a current understanding of threats and security updates is essential. Years of experience mean little these days if you’re not abreast of the latest industry trends and potential future developments. Guest WiFi access (as well as how to segregate the threats it brings for the main company network) also falls under the umbrella of the IT manager. Opting for access points that can be managed directly from your central security interface allows for true ‘Single Pane of Glass’ management across your entire wired and wireless LAN.
At The Point Of Control
Traditionally, implementing and running some kind of anti-virus on staff PCs was protection enough, but with users now working on smartphones, tablets and a number of other devices, it’s vital that everything is controlled and protected. It’s no longer adequate to just protect a business from data coming in to the network; the data moving within it has to be considered too. A solution such as Good Technology’s MDM software can manage email, web browsing, and calendars on multiple mobile device types, thus providing company-wide BYOD controls.
Protection of data within a network is especially important with home or remote workers, particularly when you consider how often they are likely to work on public WiFi; resulting in all sorts of risks for the network. This makes secure remote access for staff very important. Point to Point Tunnelling Protocol (PPTP) – a method used for implementing VPNs – isn’t secure enough for that purpose. Devices need to be protected from the point at which the user logs in, which often requires an IPSEC or SSL VPN for remote staff access to the network. Patching is also important for IT managers, allowing any bugs on servers to be rectified before they become major issues.
A Mobile Issue
There are not many intrusion apps available from leading vendors for mobile devices, although there is no denying the importance of mobile devices when assessing security strategies. Network Access Control (NAC) – is a relatively recent buzzword within the industry – a way of enabling businesses to identify and authenticate any device on their network by identifying the NAC address. IT managers need to understand every device connected to the network – not just the traditional PC. NAC forces any device to authenticate its source, so non-registered devices are forbidden from connecting. It’s early days in this field, but it’s certainly an area worthy of research and consideration.
DDoS & Don’ts
There have been a number of high-profile DDoS attacks making the headlines recently – with malicious threats wreaking havoc on organisations of all sizes, including giant corporations like Amazon. Having effective intrusion prevention is business critical for IT managers, and deserves standalone attention. DDoS attacks are very easy for the right people to carry out these days and, as a result, the number and type of threats continues to multiply.
Hackers and fraudsters used just to be interested in credit cards, but now that so much more information is in the cloud, personal data has become the currency of preference – meaning much more is at stake for both individuals and companies. The mass move to the cloud also means that not everything is now sitting behind the corporate firewall – a risky strategy if the right protection isn’t in place. The three principal threats to protect against are DDoS, malware and ransomware – all of which can have devastating effects, especially in an age where downtime is nothing short of disastrous.