We all know that security is the hot topic in IT for 2014. Symantec’s Internet Security Threat Report shows a 62 percent increase in the number of data breaches in 2013 from 2012. Earlier this year Cisco released its quarterly survey, in which respondents were asked what they feared from the new security threats. Over 80 percent answered that they (IT) actually felt secure with the technology that they had in place. Unfortunately, that answer is contrary to what is really happening. Feeling secure is no substitute for staying alert. The IT department still needs to make sure that it is doing everything in its power to keep its infrastructure protected. If the antivirus isn’t working properly, one can’t fault the end user for getting a virus.
Going by the premise that it is better to be proactive than reactive, you can start by taking stock of your infrastructure and looking into what your issues are. Although many organizations may experience a sense of security with their fairly new infrastructure in place, others might still find themselves not properly configured to utilize their new technology to the fullest. One must keep in mind that even the latest security products cannot keep up with today’s threats. There is no magic black box to keep everyone safe.
Conversely, just because Symantec’s senior vice president Brian Dye announced, “Antivirus is dead,” that doesn’t mean that we can fully exhale or give up. It simply implies that what we do have in place in regard to security should be properly configured and maintained to the fullest. Firms’ networks need to be kept current with the latest software patches and upgrades available. This can be a challenge for organizations with few resources. After any installation, it’s always good practice to test systems for vulnerabilities and confirmation of settings. Over time, systems should be rescanned to ensure that any security updates have fixed reported vulnerabilities and that changes made to the original configuration have not been undone due to human error.
If you don’t have the resources or expertise to perform these tasks, you should seek professional assistance. The benefit-to-cost ratio will pleasantly surprise you. It always pays to have someone double-check your work, especially when it pertains to security. Many smaller organizations have quality IT staff; however, they may not be security-minded or well versed in today’s latest threats. Hiring a security-focused individual to spend a day or two on site, reviewing your organization, can be worthwhile. It’s possible that the recommendation may be to just reconfigure what you already have in place instead of investing in a totally new capital expenditure.
Today’s modern networks can also come with new dynamics in security. Many companies are using public cloud services either full-time or in a hybrid capacity. With these new technologies arise new challenges and security concerns. Another ideal time to bring in an expert, to make sure everything is done correctly, is when your firm is preparing a move to the cloud. In the public cloud, not only do you need to protect yourself from traditional outside threats, but from threats from co-tenant networks as well. These other companies’ networks may not be as secure as your network, but you both share the same infrastructure, from which a new threat vector can emerge. Therefore, it is very important for new cloud customers to vet their providers properly. Make sure that your company has the right to audit and test the provider, just as any client might audit and test your own private network. Passing along the infrastructure costs to the cloud doesn’t mean that a firm automatically passes along the associated security risks as well.
Finally, once the review is complete, day-to-day monitoring is going to be vital to having a secure infrastructure. In the layered defense approach to network security, network monitoring acts as the tripwires that notify IT that there is a minor problem – before a more serious issue occurs. A noteworthy example is the Target breach of 2013. From March 13, 2014, Bloomberg Businessweek:
“…they (the alarms) went off early enough that the hackers hadn’t begun transmitting the stolen card data out of Target’s network. Had the company’s security team responded when it was supposed to, the theft that has since engulfed Target, touched as many as one in three American consumers, and led to an international manhunt for the hackers never would have happened at all.”
The bottom line is this: Whether your network is within your walls or someone else’s, take the time to review your security configurations. This can either occur before an incident happens, or afterwards — and afterwards will usually include a higher price tag and potentially irreparable harm to your firm.