A security system is only as strong as its weakest link. That’s one of the lessons enterprise IT teams can learn from the recent spate of security breaches. If partners can connect to an enterprise’s internal network, or enterprise employees regularly exchange files with partners, then the weakest link might be on a partner’s network.
Obviously, an IT team will never be able to conduct continuous security audits of all its partner networks. Nor will it be able to forbid all communications with outsiders such as partners. Business must get done, and business frequently involves collaboration with partners outside the enterprise. So enterprise IT organisations must accommodate external communications without jeopardising security or employee productivity.
When designing and implementing enterprise security solutions, IT architects and security teams should begin by assuming that partner networks are unsafe. They should assume that inbound communications could carry malware, and that external communications might leak confidential data.
They should then implement a secure communications solution that makes communication fast and convenient for employees, while taking every prudent measure to reduce risks and minimise the chance of attack.
I recommend that enterprises follow these best practices when evaluating and implementing security solutions for inter-organisation communications:
- Keep control, and stay vigilant. Implement solutions that enable IT administrators, security teams, and compliance teams to monitor and restrict communications, including ad hoc communications with partners. Just because information is flowing outside the enterprise does not mean that IT teams should cede oversight and control. Look for solutions that let you monitor and control access to files, even if that access is by external users who do not have credentials in internal directories such as Active Directory.
- Make secure communication easy and convenient. If the solution you put in place is easy to use, employees and partners will not be tempted to look for a potentially risky workaround. Instead they will work with the convenient, centrally monitored solution you have provided. Encourage secure habits by making security easy.
- Make sure security encompasses mobile computing. Like your own employees, your partners’ employees are increasingly using mobile devices to create content and to share it. Future-proof your security solution by giving employees and partners a secure way to communicate from mobile devices.
- Implement real-time AV scanning at all touchpoints. Enterprises should ensure that file sharing, email, and other partner communications channels incorporate real-time AV scanning so malware can be stopped at the network perimeter. Don’t let inbound communications become a new weak link in your enterprise’s own network defences.
By taking a systematic approach to partner communications, enterprise IT teams can reduce security risks while keeping partnerships productive and profitable.