You’ve heard all the buzzwords -– spam, phishing, spyware, botnets -– but what are you actually doing about them? Are the security measures you have in place good enough, or have you been wasting your money?
One option is a security appliance, designed to simplify the process of securing
your network. Some appliances are single-purpose, such as a firewall, made up of hardware, software and middleware. Others are multifunction and include, for example, a firewall, anti-virus protection and intrusion detection.
It’s worth considering security appliances if you have limited resources, says Nick Galletto, a partner with Deloitte Security Services. But don’t expect them to make you bulletproof. Your IT solution must be proactively managed, monitored and updated.
When evaluating a security appliance, it’s as important to consider those features that are obvious as those that are hidden. Bottom line, your appliance must provide what you need to manage day-to-day operations. While a combination of security-specific devices could be the way to go, if you already have some security measures in place a multifunction appliance might be overkill.
Most appliances’ software is updated automatically over the Web and offered in a subscription-based plan that benefits the software vendor, says Claudiu Popa, president of Informatica Corp. Large enterprises typically purchase security appliances because they’re marketed as easy to install and manage. Such enterprise versions have been scaled down in price and functionality for the SMB market. While Popa says they readily apply to the needs of mid-sized firms, whether that’s true for small companies is a matter for debate.
Before buying into the concept of plug-in protection, consider that you might require additional staff to manage and monitor a security appliance. As well, check the security of the device itself. Has it passed extensive independent security testing? How does the manufacturer address privacy issues? Could you achieve the same benefits with open source software and a dedicated $200 PC?
How much overlap will you have with existing technology? Added features may not be necessary, or may just slow down your network and bump up costs. “If you’re going to get an appliance, get a very specific feature set that you actually need rather than getting more than you need,” Popa says. Don’t enable features for the fun of it. If an appliance produces logs, you need someone to review those logs. Otherwise, there’s not much point in producing them.
If you have multiple security appliances and don’t have the resources to monitor all of them, consolidate (and prioritize) your alerts into one console. And ensure you have a solution that’s flexible so you don’t have to keep replacing it as your business grows.
Perhaps most importantly, don’t roll out any security solution until you’ve established some basic ground rules. You need security policies and procedures, as well as an action plan if something goes wrong.
One way to develop these ground rules is through an audit, which can reveal major threats to your organization and how capable you are of dealing with them, says Joe Green, vice-president of vendor community initiatives with IDC Canada.
A lot of security problems occur through human error, so even if you have great anti-spam and anti-virus protection, an employee might inadvertently download something while surfing the Web over lunch.
That’s why employee education is just as important as any security appliance you hook up to your network. Don’t rush out and buy something you don’t really need. And don’t expect a security appliance to solve all your problems. After all, an appliance is just an appliance. It takes people to interpret data and make critical decisions.