Defining Network Security in a Hybrid Cloud World

With few exceptions, everyone realizes the importance of network security. Organizations of all sizes and across every industry understand that it’s crucial to defend against malware, botnets, ransomware, and other cyber attacks from a constantly shifting threat landscape. The rise of mobile devices, cloud computing, DevOps, and containers has completely eroded the concept of a network “perimeter”, though, which leads to the question, “What is network security?”

Where is your network?

Once upon a time, I was a network administrator. I am dating myself to some extent, but I knew where my network was. It was contained—for the most part—within the walls of the building my company was in. I could walk into the data center and physically remove Ethernet cables to disconnect a server or endpoint from the network. There was a distinct “inside” of my network, and a separate and distinct “outside”. There was a clearly defined perimeter that defined what was inside and what was outside.

It was a simpler time then. Today, your network can be everywhere and nowhere. Users have laptops, tablets and smartphones. They connect wirelessly to access applications, data and other resources, or work remotely over the public internet from home or a Starbucks on the corner. Many organizations have hybrid environments that span local data centers and public and private cloud environments—with applications and data replicated across multiple sites around the world for resilience. There is no perimeter.

What is network security?

If you can’t define where your network is, how can you effectively protect it? The trick is to change the way you think of your network, or cybersecurity in general. Instead of viewing things through the lens of inside or outside of your network, consider what it is you actually need to secure and protect.

Network security has evolved. There are many elements involved in securing your applications and protecting sensitive data: web security, email security, application security, mobile device security and more. Effective network security requires a holistic view that encompasses all of the ways your applications and data are exposed to potential threats.

Effective Network Security

Cybersecurity can’t impede productivity. Authorized users need to be able to access resources and data without unnecessary friction. At the same time, you need to have tools and processes in place capable of detecting suspicious or malicious activity and alerting IT personnel or initiating some action to block the attack.

You can’t protect what you can’t see, though. In a world of DevOps, containers, and hybrid cloud environments, the concept of a network is much more fluid and dynamic. The first step to effective security is to ensure you have comprehensive visibility of your environment—wherever that may be—and tools capable of providing an accurate inventory of the devices, services, applications, and users connected to your network at any given moment.

The lack of a network perimeter and more advanced cyber attacks make tools like intrusion prevention systems (IPS) and behavioral analytics more important. Attackers frequently use cracked or stolen credentials to gain access to the network, so they appear at first glance to be authorized users. An IPS monitors traffic on the network to identify malicious activity, and user behavioral analytics enable you to detect suspicious or unusual behavior that might indicate a compromise.

The network has evolved, but the goal of network security is the same. Organizations want to avoid cyber attacks and protect applications and data from compromise. As technology changes and attackers adopt new techniques, cybersecurity needs to adapt as well. Effective network security requires cloud-native tools that can scale as needed to keep up in a rapidly changing environment.

 

About the Author

Tony Bradley

Tony Bradley is Senior Manager of Content Marketing for Alert Logic. Tony worked in the trenches as a network administrator and security consultant before shifting to the marketing and writing side of things. He is an 11-time Microsoft MVP in security and cloud and has been a CISSP-ISSAP since 2002. Tony has authored or co-authored a dozen books on IT and IT security topics, and is a prolific contributor to online media sites such as Forbes and DevOps.com. He has established a reputation for effective content marketing, and building and engaging a community and social media audience.



*** This is a Security Bloggers Network syndicated blog from Alert Logic - Blogs Feed authored by Tony Bradley. Read the original post at: https://blog.alertlogic.com/defining-network-security-in-a-hybrid-cloud-world/