Meeting Today's Computer Network and Data Security Challenges
The IT world certainly has changed, and along with it computer network and data security. The cloud, social media, smartphones, widespread WiFi, tablets, and other innovative technologies bring exciting and valuable business capabilities to the market. Unfortunately, they’ve also introduced new vulnerabilities, breeding a new generation of attackers who are eager to capitalize on the susceptibilities.
Few dispute that data has become an organization’s most valuable asset. Organizations must ensure the integrity and control of that data through encryption, data loss prevention strategies, and other data security management techniques.
In the past, network and data security was IT-centric. It typically involved defenses like:
> Protecting edge switches
> Setting up layers of firewalls
> Implementing virus protection by deploying anti-virus software, intercepting viruses at the email and Internet servers, educating users to leave unknown attachments unopened, and blocking users from accessing known risky websites
> Thwarting DOS attacks by monitoring incoming traffic, recognizing attacks early, and setting switches and routers to perform rate limiting and traffic shaping functions. Organizations expecting more sustained, sophisticated, and distributed DOS attacks deployed additional hardware to capture and divert or redirect the attacks.
> Scanning online activity to identify and isolate individual hackers often considered “lone rangers” or rogue players.
Although these defenses took nearly a decade to develop and deploy effectively, and in recent years organizations have experienced some success in curtailing malicious activities, they weren’t intended to defend against many of the types of online threats organizations face today. As a result, organizations continue to experience disturbing losses due to computer network security breaches.
Maintaining proper security monitoring and controls is central to defending your organization against data security breaches. Fortunately, new efforts at Security Information and Event Management (SIEM) and Data Loss Prevention (DLP) strategies can counter the latest threats.
SIEM uses automated collection, analysis, alerting, auditing, reporting, and secure storage of all logs, which produces a mountain of information. Tools then correlate this huge amount of seemingly unrelated data, turn it into intelligible patterns that reveal what actually happens on your network, and immediately generate alerts if anything significant happens. The results are invaluable to the stakeholders in any organization, including Compliance, HR, Security, IT, and Network Operations.
DLP consists of systems to identify, monitor, and protect data in use, in motion, and at rest. It relies on deep content inspection and contextual data security analysis of all aspects of a transaction within a centralized management framework. In short, DLP is designed to detect and prevent the unauthorized use and transmission of confidential information.
The network and data security threats organizations face place a substantial premium on their ability to recognize threats and correlate threat behavior. Therefore, companies require not only technology tools but enterprise-wide information governance grounded in policies and education. That’s why it’s equally important that management has the will and commitment to enforce corporate governance and HR policies.
With all this in mind, please check out our previous blogs – Eight Step Computer Network Security Assessment: Best Practices, and Five Critical Shifts that Threaten Network Security. Let’s make 2012 a data-safe year!