PROTECT YOUR COMPANY’S DATA: BUILD A BETTER INFRASTRUCTURE

The words “spend wisely” hover above any well-thought-out budget. And no budget is ever enough. IT division needs rise while the budget line numbers stay flat, meaning most CISOs are expected to deliver more with less. Zeroing in on infrastructure best practices that boost value will improve data protection without breaking the bank.

Consider these six steps to building a more secure infrastructure and ensuring its longstanding success.

GET THE MACRO VIEW.

Provide the security team with a normalized, comprehensive view of the network: routing rules, access rules, NAT, VPN, etc.; hosts, including all products (and versions), services, vulnerabilities, and patches; and assets, including asset groupings and classifications. With this comprehensive network view, security teams can view hosts in the network, as well as configurations, classifications and other pertinent information. This serves both as a useful visualization tool and a diagnostic tool, providing analysis that is only possible when considered from the macro perspective. For example, security and compliance teams can use this overall view to see how data would move between points on the network. The view also highlights information that is missing, such as hosts, access control list (ACL) data, etc., and supports quick, accurate, and sophisticated analytics without disrupting the live network. Access path analysis helps to validate changes, and can troubleshoot outages or connectivity issues, enhancing visibility and improving security processes.
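The access path analysis described above can be sketched on an offline model. This is an added example, not code from the original article or any product; the zone names, device names, and ACL rules are constructed for illustration. It walks every hop between two zones, applies each device's first-match ACL, and separates confirmed paths from paths that depend on a device whose ACL data is missing.

```python
from collections import deque

# Constructed model. LINKS: (from_zone, to_zone, device enforcing that hop).
LINKS = [
    ("internet", "dmz", "fw-edge"),
    ("dmz", "app", "fw-core"),
    ("app", "db", "rtr-db"),
    ("dmz", "mgmt", "sw-mgmt"),
    ("mgmt", "db", "rtr-db"),
]
# ACLS: device -> ordered (action, src_zone, dst_zone, port) rules.
# None means the device's ACL data was never collected (a gap in the model).
ACLS = {
    "fw-edge": [("permit", "internet", "dmz", 443), ("deny", "any", "any", "any")],
    "fw-core": [("permit", "dmz", "app", 8443), ("permit", "dmz", "db", 5432),
                ("deny", "any", "any", "any")],
    "rtr-db": [("permit", "any", "db", 5432)],
    "sw-mgmt": None,
}

def evaluate(device, src, dst, port):
    """First-match ACL verdict for a flow: 'permit', 'deny' or 'unknown'."""
    rules = ACLS.get(device)
    if rules is None:
        return "unknown"
    for action, r_src, r_dst, r_port in rules:
        if r_src in (src, "any") and r_dst in (dst, "any") and r_port in (port, "any"):
            return action
    return "deny"  # implicit deny when no rule matches

def access_paths(src, dst, port):
    """Return (confirmed, unverified) device paths for the flow src -> dst:port.
    Unverified paths cross at least one device with missing ACL data."""
    confirmed, unverified = [], []
    queue = deque([(src, [], False)])
    while queue:
        zone, path, gap = queue.popleft()
        if zone == dst:
            (unverified if gap else confirmed).append(path)
            continue
        for a, b, device in LINKS:
            if a != zone or device in path:
                continue  # wrong hop, or device already traversed
            verdict = evaluate(device, src, dst, port)
            if verdict != "deny":
                queue.append((b, path + [device], gap or verdict == "unknown"))
    return confirmed, unverified
```

The unverified list is the "missing information" signal: a path that cannot be ruled out until the device's configuration is collected.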

TAKE THE MICRO VIEW ON DAILY DEVICE MANAGEMENT.

Although a macro view is needed to see how all the pieces of the network fit together, network administrators must be able to drill down into the details for a particular device, easily accessing information on rules, access policies, and configuration compliance. This information must be considered within the framework of the broader network, including context such as segments or zones, routing, routers, switches, intrusion prevention systems (IPS), and firewalls. The network components that impact the device will undoubtedly come from various vendors, producing data in different vendor languages that must be deciphered, correlated, and optimized to allow administrators to streamline rule sets. For example, administrators need to be able to block or limit access by application and view violations of these access policies. Daily or weekly reviews of all devices on the network are unattainable with a manual process, and reviewing device configurations less frequently puts network security and compliance at risk. Automating policy compliance checks helps ensure compliance and consistency, and preserves IT resources.

OPTIMIZE YOUR NETWORK SECURITY AWARENESS AND CONTROL THROUGH INTEGRATION OF MANAGEMENT FUNCTIONS.

Coordinate workflows across functional categories to improve accuracy and efficiency, including configuration management, fault/availability monitoring, performance monitoring, and troubleshooting. From a management tools perspective, this requires either close integration and sharing of data between tools to ensure seamless and accurate handoffs from one to another, or a unified management system that supports multiple functions from a single core database and/or management data model.

IMPLEMENT HYPER-CONVERGENCE FOR AN INTERNAL, CLOUD-LIKE EXPERIENCE.

The convergence of virtualized servers, storage, and networking using software can significantly simplify data center provisioning and maintenance tasks, and reduce long-term costs. “Hyper-convergence changes all your internal processes because most of them were originally built around the separation of the network, storage, and compute layers. Hyper-convergence allows you to operate all three under a single stack.”

PLAN A RISK MANAGEMENT APPROACH THAT INCLUDES SIMULATED ATTACKS FOR CONTEXTUAL ASSESSMENT.

Include the ability to identify near-, mid-, and long-term risks and their likelihood, through “what-if” scenario planning. Today’s attacks often incorporate multiple steps that cross several different network zones, and an isolated view of any of these steps could appear innocuous. Attack simulation technology automatically looks at the network holistically (business assets, known threats, and vulnerabilities) and identifies what would happen if the conditions were combined. Attack simulation can also evaluate potential options to block an attack, providing intelligence for decision support. Understanding the likelihood of an attack and its potential impact against valuable targets is the key to assessing which vulnerabilities and threats pose the most risk.
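The “what-if” evaluation described above can be shown on a small offline risk model. This is an added example, not code from the original article or any product; the host names, allowed flows, and vulnerability labels are constructed placeholders. It combines allowed flows with unpatched vulnerabilities to find which critical assets are exposed, then re-runs the simulation for each single mitigation (block one flow or patch one vulnerability) to see which options actually protect them.

```python
# Constructed model: allowed flows (src, dst), unpatched vulnerabilities per
# host (placeholder labels), and the business-critical assets.
FLOWS = {("internet", "web01"), ("web01", "app01"), ("app01", "db01"),
         ("web01", "jump01"), ("jump01", "db01")}
VULNS = {"web01": {"VULN-WEB"}, "app01": {"VULN-APP"},
         "jump01": {"VULN-JUMP"}, "db01": {"VULN-DB"}}
CRITICAL = {"db01"}

def simulate(flows, vulns, start="internet"):
    """Hosts exposed when each step needs an allowed flow from an already
    exposed host and an unpatched vulnerability on the next host."""
    exposed, frontier = {start}, [start]
    while frontier:
        src = frontier.pop()
        for a, b in flows:
            if a == src and b not in exposed and vulns.get(b):
                exposed.add(b)
                frontier.append(b)
    return exposed - {start}

def what_if():
    """Map each single mitigation to the critical assets still exposed."""
    options = {}
    for flow in FLOWS:
        options[f"block {flow[0]}->{flow[1]}"] = simulate(FLOWS - {flow}, VULNS)
    for host, ids in VULNS.items():
        for v in ids:
            patched = {h: s - {v} if h == host else s for h, s in VULNS.items()}
            options[f"patch {v} on {host}"] = simulate(FLOWS, patched)
    return {name: sorted(hit & CRITICAL) for name, hit in options.items()}

def effective_mitigations():
    """Single changes that leave no critical asset exposed."""
    return sorted(name for name, left in what_if().items() if not left)
```

In this model, patching only `app01` or blocking only one of the two routes into `db01` changes nothing for the critical asset, which is the kind of result an isolated, per-device view would miss.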

IMPLEMENT A NEXT-GENERATION FIREWALL (NGFW) AT YOUR ORGANIZATION’S PERIMETER AND KEY INTERNAL CHOKEPOINTS.

The ability to quickly detect threats and implement automated security response mechanisms is a valuable asset. The tight interaction between traditional firewall rules, Intrusion Prevention System (IPS) signatures, deep packet inspection, application awareness, and global threat intelligence creates a far more secure network edge compared to traditional security architectures. Keep in mind, too, that the more deep inspection or rules the perimeter firewall is expected to process and enforce, the more horsepower and resources are required. In other words, choose requirements wisely to reduce the risk of traffic slowdowns.

“A security-centric, programmable infrastructure that detects and responds to emerging threat vectors is essential for organizations to thrive in our hyper-connected era.”