At the start of every calendar year, I get asked about technology trends for the coming year and the increasing importance of security with so many new nexus forces at play. Thankfully, security is always trending. Since the early days of networking, IT-security has been a critical issue, and that remains true now more than ever.
In 2015, a survey conducted by Paessler revealed that 58% of all surveyed IT administrators named security as one of their key tasks and constant challenges. In the past, a firewall and a virus scanner were sufficient to protect the network of an SME, but today, a number of interconnected solutions are needed to counteract the ever-evolving threats. All these IT security tools can only provide comprehensive security if their function is ensured and if the overview about all measures is being guaranteed. This requires a comprehensive security strategy that identifies potential hazards, sets up appropriate tools as a preventive protection, and controls and maps all this within one central solution.
Unfortunately, organisations still view security as a “grudge purchase”, which is so dangerous. It is imperative to understand that security is no longer an IT concern but a business issue. But to acknowledge that reality, it is important to recognise the biggest security threats to your business.
What are the biggest security threats to your business?
The Classic Villains
Viruses and Trojans are no less dangerous today, just because they have been around since the dawn of the Internet. Again and again, new malware creates headlines and the ever progressing integration of everything and everybody constantly opens up new doors. Therefore, antivirus, firewall and intrusion detection systems are still justified.
Bring Your Own Device (BYOD) and Internet of Things (IoT) create new opportunities for malware intrusion by expanding the threat vector. Previously, a simple ban on private disks, CDs or USB flash drives was sufficient, but today there are too many devices connected to the network. A general ban is neither practical nor sensible in most companies, because many employees use smartphones, tablets or laptops both privately and professionally. Even IoT creates new gateways, integrating numerous devices into the network which do not belong to IT and which come with a risk that is often difficult to assess. IT has to meet the risks involved in advance and find the right compromise between new opportunities and greater flexibility on the one hand and the necessary security on the other.
Not only malicious attackers threaten your data: failures or misconfigured devices and applications can also cause data loss. It is not about building lines of defense, but rather setting up a monitoring and early warning system which constantly monitors all critical components and immediately takes action on an error or, ideally, can already see the first signs of impending problems and warns you before the situation becomes critical.
IT is threatened by more than systemic risks. Physical disasters such as fires, floods, heat or theft should not be disregarded in a comprehensive safety concept. The best antivirus software can’t protect you from a flood in the data centre or an air conditioning failure in the server room.
For virtually every threat there is the right "antidote". Virus scanners and firewalls protect against malware, backup tools assure data, environmental sensors control humidity and temperature, and surveillance cameras have unwanted intruders in view. As long as all these systems operate reliably, your IT is relatively safe. But how do you make sure that everything works? And most of all: How do you keep track of the number of systems that are essential for the security of your IT?
Securing security via Unified Monitoring
For a comprehensive security concept, you need a monitoring solution as a kind of meta-security tool for the monitoring and control of individual measures. Now that we have identified the usual suspects, what does it take for an organisation to build a future-ready, fool-proof security for their network?
- Ensure security tools are up to date
- Fallback if conventional tools fail
- Ensure general functionality
- Monitoring of physical control devices
- Keep the overview
Are the virus definitions up to date? Are backups valid? Is the firewall online? Security only works when the security tools are working. The meta-security solution must be able to monitor traditional security tools input and to ensure its correct functioning.
However, what if that one sneaky virus bypasses the firewall? That’s where a suitable monitoring solution is critical to detect unusual behavior and provide real-time alerts.
Monitoring solutions continuously monitor performance and function of all components of your IT infrastructure, no matter whether it comes to hardware, software or data streams, in order to help prevent data loss.
A suitable monitoring solution should also be able to monitor physical sensors as well as video cameras, thus ensuring that all systems operate and if necessary to notify respectively alert you when defined thresholds have been hit.
Another essential aspect of a comprehensive security concept is clarity. Only if you are able to quickly and easily view all your security tools in real time, without having to call up each solution individually, you have a fighting chance to keep track of the entire security situation. The monitoring solution needs to be able to integrate all the tools used and to map them without great effort in a central overview.
Ultimately, no monitoring solution can monitor your entire IT out-of-the-box, modern infrastructures are far too complex and heterogeneous. It is important that the right solution possesses all the necessary functions to monitor the entire IT infrastructure, including as many as possible of the common protocols. Usability is key as well – even if a new monitoring solution is implemented and installed as a meta-security tool in a project, it still needs to be usable. If the solution is too complex in daily use, it will probably not work out as designed.
At the end of the day, a meta-security solution is a key element in a comprehensive safety concept, but what is ‘meta-critical’ to the business is to put the user at the heart of your network security ecosystem.