Securing the network has always been a challenge, but it’s only getting more complex, thanks to the rise of cloud applications, programmable networks and bring-your-own-everything.
For IT professionals with hundreds of items on their to-do list, it can be hard to keep up with constantly evolving network security technologies. More devices are connecting to the network, more services are moving to the cloud and more users are bypassing IT to access rogue applications. As a result, IT departments are fighting to maintain oversight and control.
Keeping abreast of the latest security threats and vulnerabilities can be essential to success: A recent study from IT industry research firm Ponemon Institute polled Canadian companies in 11 industry sectors and found the average cost of a data breach in 2015 was US$3.79 million. Perhaps more troubling is that most companies don’t realize a breach has occurred for weeks or months — until it’s way too late. The financial losses can be staggering, and the reputational damage debilitating.
With many industry analysts suggesting that cyber-security will be one of the main issues vexing businesses this year, organizations can’t afford to drop the ball.
With this in mind, here are three network security challenges to pay attention to in 2016:
Software-defined networking (SDN)
Networks are evolving, and organizations are slowly making the transition to software-defined networking (SDN), which could potentially offer software controls at the edges of the network. Not only does SDN require a different sort of infrastructure, it also requires different skill sets. While there’s a learning curve for IT professionals, SDN has the potential for more granular application control and security.
This is the enterprise goal — but there are security concerns involved. SDN introduces a new software stack into the environment, and that potentially means introducing new vulnerabilities. SDN also enables network virtualization – which could create dozens or even hundreds of network segments — and each network needs security.
Unfortunately, there’s no ‘one size fits all’ approach. One strategy might focus on security that is embedded in the network, while another involves security embedded in servers and storage. In the long term, SDN has the potential to greatly improve network security, but until usage matures, most organizations are more concerned about the risks that SDN presents by exposing the network to new vulnerabilities.
BYOD or BYOW
A few years ago, bring-your-own-device (BYOD) policies were a heated topic of debate. Most companies today support BYOD to some degree, but policy revisions may be in the offing as a myriad of new devices — from wearables to the Internet of Things (IoT) — make their way into the office.
For IT pros, it’s challenging to keep track of all the new entry points. In some cases, wearables and IoT might provide new business opportunities, but these could also represent a security risk with wireless connectivity to networks and smart devices creating pathways to corporate data. Being able to manage network access — and block devices if necessary — will be critical over the next year.
When it comes to security, automation is a good thing — it can help organizations respond to threats quickly and free them from performing routine day-to-day tasks. But automating processes isn’t as easy as it sounds; if the idea of giving up one’s stick-shift for a self-driving vehicle causes uneasiness, end-users are probably not going to be comfortable giving up manual control over to automated security processes, particularly when it comes to mission-critical applications.
In fact, many business IT environments already have automation capabilities for network access control or endpoint security, but IT organizations are hesitant to turn these on, for fear of blocking legitimate transactions. It takes time (and a certain skill-set) to fine-tune automation capabilities, particularly when trying to automate a complex network that supports thousands of devices. And it’s not just a matter of flipping a switch; automation typically entails integrating several security technologies together. Automation tools have big advantages, but expertise is required to make them a help, rather than a hindrance.
Many IT pros are overwhelmed by these issues but may not have the resources or in-house skills to deal with them. With falling budgets, shrinking staff and rising demand for complex applications, managed-as-a-service security offer a viable option to help IT departments.
Deploying security as a service allows organizations to benefit from the expertise of security pros — and organizations can hand off managing and monitoring to a trusted third party (in part, or entirely). In considering a managed security service provider (MSSP), look for one that provides real-time monitoring, diagnostic tools and dedicated support.
Of course, this isn’t a new concept, but with the growing complexities of networked environments — from IoT to SDN — these days it’s a much more enticing option that can help businesses shore up security defenses and gain back control.