Customers often complain about the high cost of security in terms of the software and hardware needed to batten down the hatches. Only companies that have failed to effectively secure themselves and have experienced the painful consequences truly understand the pain of not preparing adequately. Here, Net Optics President and CEO, Bob Shaw, explains how IT pros can sell security solutions and defend networks from a barrage of security threats. —Jennifer D. Bosavage, editor
Perpetrators stole or compromised an astounding 386 million customer records worldwide last year. Calculating that each lost record costs an organization about $200, the price tag for 2011’s security breaches reached an estimated $77 billion. Early this year, credit and debit card processor Global Payments admitted that a systems breach had resulted in the “export” of 1.5 million records. That brisk rate of criminal activity raises many questions, foremost among them: where are the highest vulnerabilities, and how can IT professionals mount an effective defense?
Progress is vital—and unstoppable. New applications and devices drive productivity and empower employees, but they expose companies to soaring risk and uncertainty. The consumerization of IT and barrage of Web-based and social applications threaten network performance and security, challenging IT operations to monitor traffic and block security threats. All the while, mobile devices are keeping traffic at a boil, making it ever harder to track the people and devices accessing these applications, and to sell security solutions. Social networking sites such as Facebook and Twitter have become a fertile breeding ground for malware and social engineering scams, while Android and Apple iOS platforms are becoming increasingly attractive hacker targets. Of course, few companies would actually block those applications or deny network access to mobile devices (in fact, BYOD is propelling the trend in the very opposite direction). Nevertheless, IT still needs to control access and monitor user and network behavior. What are the best options?
Siloes and Islands Fall Short
Security approaches have suffered historically from two design flaws. For one, network administrators tend to purchase tactical point tools or appliances to overcome a security or network issue. This creates “islands of security” whose lack of technical integration makes them only marginally effective when dealing with the juggernaut of security challenges rolling in from Web-based applications and mobile devices. Besides, security tools deployed “on top of” existing technologies tend to behave like an afterthought, adding complexity and management overhead to the IT and network infrastructure and putting a drag on performance.
The “siloed” approach segments the network to fit the needs of disparate teams: security, regulatory, performance, databases, applications, departments, etc., each attempting to block only the threats for which they were responsible. This model has shaped many of today’s network infrastructures. To manage their respective segments each network team installs and operates their appliance(s) independently, connecting to the network at their various locations.
But where teams compete for network access, inefficiencies ensue, such as patchy visibility and major gaps in security coverage. Best Practices now demand treating the entire span of the network as an entity, across cloud, data center and remote branches.
The Power of Visibility
Not surprisingly, with billions vanishing, visibility has taken on an almost mystical aspect to desperate IT pros. Not only can visibility rescue the network from intrusion and theft, but reveal other issues affecting network productivity and value, minimize risk and enable productivity gains from IT applications and services. But as applications become more diverse and the devices hosting them more pervasive, visibility solutions that look only at the network edge or see only random monitoring data are not robust or comprehensive enough.
The importance of fine-grained monitoring and visibility across both the virtual and physical networks cannot be overemphasized. Without it, security threats can have their way, raising financial risk while inviting business casualties. At the very least, visibility into the virtual must be comparable in acuity to that of the physical network.
- Protecting The Business From Cloud Application Security Risks
- The Massive SaaS Opportunities For VARs
- A Reseller's Guide: Recipe For Channel Partnership Success
- Cloud Connection: Seven Steps To Effective Public Cloud Services
- From CapEx To OpEx: Channel Strategy In The Federal Push To The Cloud
- A Reseller's Guide: Coming Out On Top In The Face Of Channel Conflict
- How To Create A Case For Disaster Recovery Plan
- How To Offset Your Customers' BYOD Risks
- How To Ease Client Anxiety About Private Cloud Deployments
- How An SMB Cloud Provider Can Create 'Swagger' In A Competitive Market
- A Reseller's Guide: Creating A Successful Solution Provider Event
- How to Prepare for the Future of the IT Solutions Industry
- How to Consolidate Data Protection Services for Greater Customer Value
- 10 Attributes to Support Revenue Marketing and Sales Success.
- How To Improve Efficiency: Upgrade Mountain Lion and iOS6
- How To Cash In On the Cloud Through Collaboration
- How To Sell Cloud Storage In Five Steps
- How To Protect High-Value Data Assets
- Moving Data to the Cloud: Options for SMBs and Small Enterprises
- How To Apply Big Data Security Analytics to Detect Advanced Threats and Breaches