How to manage network security efficiently -TEISS® : Cracking Cyber Security
Todd Kelly, Chief Security Officer, Cradlepoint, offers a variety of measures to keep your networks safe
Network security needs are changing right before our eyes. Digital transformation is shifting workloads to the cloud, increasing mobile workforces, and expanding IoT footprints. From branch locations to in-vehicle networks and IoT devices, cyber attacks are becoming more advanced by the day. Today’s diverse network architectures and security needs make scalable solutions and flexible cyber threat intelligence essential.
Most organisations want the cost savings and efficiencies of the cloud without having to sacrifice the levels of security to which they’re accustomed. Even while the network security industry introduces more effective detection and defence solutions, the traditional ‘fixed perimeter’ based approach to network security is quickly becoming obsolete.
Also of interest: How to manage shadow IoT and mitigate the risks to network security
The network security landscape
Thanks to greater connectivity, employees no longer have to go to a fixed office space to work. You can work wherever you are, be that on a train, aeroplane or at home. Research suggests that by 2020, half the UK workforce will be working remotely and flexibly. This means security models can no longer focus on securing just a fixed place – the Wide Area Network (WAN) will need to secure all perimeters and be just as flexible as the workforce it serves.
This new WAN landscape demands an elastic edge. Unlike the fixed edge that relies on physical security and static security infrastructure, the elastic edge encompasses diverse-endpoints: people; mobile and connected devices, and even vehicles that are in the field, deployed within third-party environments, and on the move. This elastic edge creates a new range of security risks and challenges.
As security efforts evolve from the fixed edge to the elastic edge, networks can be kept safe with a variety of measures:
- Automation and education
Automation can mitigate the risks associated with platforms that are prone to configuration mistakes or open to known vulnerabilities. As part of the education process, IT can create simulated events so employees can see first-hand how attacks occur and recruit their help to identify potential vulnerabilities.
- Parallel networks and access controls
4G LTE provides an easy and secure way to support ‘store-within-a-store’ network deployments. It provides inherent segmentation – both physically and logically – to create a parallel network that eliminates the possibility of east-west attacks.
When administrators need entry points to make changes to something like a remote IP camera, hackers can take advantage of an open firewall port to set up long-term, gradual incursions that are small enough and infrequent enough to avoid detection. Organisations should endeavour to use out of band methods where possible for remote access rather than opening up firewalls to inbound network attacks.
- On-premises and cloud-based security measures
Many IT teams face the challenge of managing both onsite and cloud-based solutions, which can be extremely difficult when covering hundreds of remote locations or thousands of kiosks. Moving to a cloud-only network management model facilitates large-scale configuration changes, makes managing remote routers easier and enables teams to quickly rollout software and security updates. Cloud networking solutions can also provide Software-defined Perimeters (SDP) to create separate network overlays that place IoT devices on different networks. This prevents hackers from using compromised IoT devices to access the primary network.
- Authenticate first, connect second
Software-defined Networking (SDN) enables IoT devices to be deployed on a completely separate network (virtually), which is invisible to the outside world. Traditional networks utilise a ‘connect first, authenticate second’ model that allows hackers to scan networks for devices and their ports using common hacking tools, and then use those same hacking tools to defeat the authentication. A key benefit of SDN, especially those based on SDP, is the model of ‘authenticate first, connect second’. These networks are completely invisible and inaccessible unless you or your IoT devices are first properly authenticated. This approach is effective against most network attacks, including DDoS, man-in-the-middle, east-west traverse and advanced persistent threats.
As organisations continue to shift towards a more remote, flexible working model, the need for agile and secure networks becomes greater than ever before. In an age of change, organisations need to utilise new technologies to ensure their enterprise is as secure as possible.