IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Story image
Network security: Only as strong as the weakest link
Fri, 6th Jun 2014
FYI, this story is more than a year old

It only takes a single weak link in your security to bring your system to a halt, making defence in depth a necessity.

You’ve got your corporate firewall. Your VPN (virtual private network) secures communications with branch offices.

All emails are scanned for the latest malware. And you even have a security policy for your management team so they can use their smartphones to access the corporate LAN.

But all it takes is one lapse in security - an unsecured laptop, an unauthorised USB thumb drive or an employee downloading a suspect image - to bring your system to a screeching halt.

Secure gateways not enough

Today’s interconnected world means that you and your staff can work anywhere, anytime. But it also means all of your wired and wireless devices represent a possible entry point into your network and data. Having a secure gateway isn’t enough.

Your security is only as strong as the weakest link. And today’s switched-on businesses have lots and lots of links. The experts have been developing endpoint security solutions and have been working hard to eliminate weak links from the network.

The technology - from ESET and others - is available. But it is up to you to ensure that your network security profile has kept pace with the threat landscape.

Defence in depth

Endpoint security has come the full circle. Before, corporate networks operated behind the firewall and each internet-enabled PC and server had its own protection.

As the technology evolved, IT managers found it easier to move the security burden from the device to the gateway.

However, as internet access became more pervasive, the secure gateway could be bypassed and holes began to appear in otherwise secure networks. The challenge for today’s IT managers is to maintain a secure perimeter and ensure that all points inside are hardened as well.

This model is called ‘defence in depth’ and is gaining traction as the preferred method to keep your users, networks and data secure.

Tight control is the answer

The key is to keep tight control over the devices that have access to your network. You have to ensure that any and all devices that connect to your network are hardened for secure operations. No exceptions.

And you have to ensure that each of these devices is running the latest version of the operating system, browser and applications. Most threats can be blocked just by keeping your software and systems up-to-date.

Securing each and every device on your network is still a challenge, to be sure, but not insurmountable. With a judicious mix of technology (antivirus/anti-spam, firewall, business activity monitoring, etc) and management (internet usage policy, BYOD guidelines, identity management, regular updates, etc) you can ensure that your network, devices and databases can be insulated from most threats.

Universal access makes working easier. It also adds more risk. But with a smart policy, defence in depth and secure endpoints you can maintain a secure network and get on with running your business.

This article was contributed by Chillisoft NZ, distributors of Eset security