Network security practices are familiar to most organizations as the policies and practices that protect your computer from cyber attacks.
Information Technology (IT) professionals and executives generally agree they’re necessary, but some of these practices are becoming outdated as organizations transform digitally.
Basically—it’s time to rethink the old school way.
Traditionally, you have public and private security—one reserved for use by employees at work, and the other for the public—and the tech has been the same for years.
It isn’t enough in the face of new digital technologies. Below are some tips from Chief Information Officers (CIOs) facing this changing landscape, with advice on how you can too.
You can’t just invest in protections for physical networks anymore—you need to protect your cloud.
As your infrastructure and your applications move to the cloud, so should your network security policies and practices. As organizations transform digitally, they rely less on physical networks and more on cloud services.
In fact, Research firm IDC estimates that nearly one third of the worldwide enterprise application market will be SaaS-based by 2018, driving annual SaaS revenue to $50.8 billion, from 22.6 billion in 2013.
Neil Thacker, European CIO of Netskope, told ComputerWeekly.com that the way to focus more on cloud security is to work in layers:
“The traditional seven-layer OSI model has…been replaced with three layers: identity, application and data. In summary, organizations must have better visibility into these three layers without necessarily prohibiting the use of services that businesses rely on.
“Cloud is not just the future, it’s how businesses work in the present day. Therefore, the security of these services and the data that resides in them must form part of a CISO’s principal strategy,” he adds.
Your identity, applications and data are all moving towards the cloud, if they’re not there already. Having protections in place for all three layers will greatly help reduce the risk of attack or breach from a third-party.
IT pros are taking a layered approach—they’re developing infrastructure as a service (IaaS).
As you approach network security in the cloud, you need to take into account that perimeter controls restrict the traffic that reaches your applications. This provides a lot of strength for an organization when they look at that traffic in layers.
Alex Ayers, Head of Application Security at Wolters Kluwer, also told ComputerWeekly.com that it’s particularly crucial for companies to develop IaaS:
“Supporting the architectural and technical controls is a security monitoring layer which, while often seen as an insurance policy, provides data that can be used to augment service health and performance indicators
“Through these different layers, our company is able to deploy, tune and replace discrete specialised technologies in response to changes in threats or business requirements.”
The adoption of IaaS is growing—according to Statista, IaaS’s share of the public cloud market in 2016 was 33.2%, and the number of installed cloud workloads for IaaS in 2018 was 50 million worldwide.
According to Ayers, the addition of these layers is a makes corporate network boundaries a thing of the past. They balance and corporate network, a host of SaaS products to run their business.
Finally, invest in more modern detection and response technologies.
The amount of time it takes you to react to a security breach today is critical. According to Geoff Belknap, CSO at Slack, investing more in modern detection and response technologies is one of the more important things you can do.
They’re not the only ones—Gartner reported last year that detection and response is top security priority for organizations of all kinds.
According to Belknap, Slack uses a suite of technologies like firewalls, network-based intrusion detection, and modern network and endpoint-based malware detection methods. They monitor at the kernel level to see how their services communicate, and of course to detect potential threats.
“We are also big believers in the beyondcorp/zero trust school of thought. We don’t assign any trust based on the source network that a given device’s request originates from,” Belknap said.
“We treat all our networks as untrusted. Instead we make device identifiers a key component of our security, which allows us to make more accurate decisions about access control and make more informed decisions about suspicious activity.”
Network security practices have been around for a long time, as as we continue to evolve digitally, the threats to our security will only evolve too. Preparing for this evolution with updated policies and practices is the first step in keeping your organization’s data safe.
SMSEagle is Hardware SMS gateway to send and receive SMS text messages. To find out how we can help support your network security program, check out our online store.
Megan has been writing about enterprise technology, data, infosecurity and environmental technology for several years. Tweet her @MeganRoseM, or check out her blog: www.meganmorreale.com.