In January 2020, no one could have predicted how unpredictable the coming year would be. But despite the seismic changes to the way we work, the biggest network security threats to organizations were mostly the same old threats we’ve been facing for the past five years. Yet even the largest enterprises with the most advanced, next-generation security are still getting breached. Why? Because all too often, the fundamentals of effective security management are being neglected, meaning security processes are inefficient – which, in turn, leads to vulnerabilities.
To address this problem, let’s take a look at five security management fundamentals that will help to keep your organization, users and customers safe in 2021.
Don’t Fly Blind – Visibility is Key
The challenge of visibility comes back to this; you cannot protect what you cannot see. So, the first thing you need to understand is what you have in your network, which means building a complete repository of all your network and security devices.
Having comprehensive visibility across your network environments, whether this is on-premises or in the cloud, is fundamental to establishing and maintaining a robust security and compliance posture. In-depth visibility shows which business applications and underlying connectivity flows will be impacted by security rule changes, or planned server and device downtime. This is critical to understanding the impact on key applications when migrating or decommissioning servers or troubleshooting problems, and to avoiding costly outages.
Without real-time, accurate and relevant information on exactly what vulnerabilities and issues may be impacting critical business applications, effective risk management cannot be truly achieved. With holistic security visibility across both cloud and on-premises networks, via a single pane of glass, IT and security teams can easily link vulnerabilities and cybersecurity incidents to specific business applications – and prioritize their decisions and actions based on strategic, business-driven needs.
Once you have gained visibility into your network and its related connections, how do you document application connectivity? The obvious choice is to employ a solution that automatically maps the various network traffic flows, servers and firewall rules for each application.
During a conversation with a top U.S. airline, we discovered that they needed to manage 56,000 rules; that is an enormous amount of information. Manually checking each of these rules, which are often poorly documented, is incredibly time-consuming and prone to errors, leading to misconfigurations and potential security holes. Verizon’s 2020 Data Breach Investigations Report showed that over 40% of all the breaches it investigated resulted from misconfiguration errors.
Automation eliminates these manual mistakes. Achieving true zero-touch automation in the network security domain is not an easy task, but over time, you can let your automation solution run handsfree, as you conduct more changes and gain trust through increasing automation levels, step by step. Soon, you will have reached the automation ideal of full, zero-touch network change processes – eliminating the network ‘grunt work’ and the risk of costly mistakes which result from human error. Zero touch also ensures that the balance between security and business continuity is maintained, reducing risks while enhancing the organization’s overall speed and agility.
Segment for Security
Hackers are never going to give up targeting large corporations, and ransomware attacks will never be completely eradicated. So, if organizations are under constant attack, how should they mitigate the chance of a successful breach and stop hackers from moving freely across their networks?
Micro-segmentation minimizes the damage that hackers can do if they gain access, by isolating servers and systems into separate zones to contain intruders or malware, as well as insider threats – much like the segmented watertight compartments of large ships.
Moving to virtualized data centers using software-defined networking (SDN) enables more advanced, granular zoning, allowing networks to be divided into hundreds of micro-segments. But virtualization does not eliminate all the stumbling blocks involved. Enforcing security policies and firewall configurations on all systems and across different IT environments still must be done manually, which is an enormous task for the IT security department.
Automated network management makes it much easier for companies to define and enforce their micro-segmentation strategy. It also ensures that critical business services are not blocked due to misconfigurations and that compliance requirements are met. The right automation solution detects changes in the network that collide with the current micro-segmentation setting, immediately suggests policy changes based on this information and, if desired, automatically validates and enforces them – ensuring strong security and continuous compliance without the need for complex, manual support.
Automated Auditing and Compliance
With ever-tightening regulations governing information processing and security, organizations must meet much stricter audits of security policies and controls to maintain their compliance posture. While regulatory and internal audits cover a broad range of security checks, the firewall is featured prominently, since it is the first, main line of defense.
Ensuring and proving compliance typically requires significant organizational resources and budget, and with the growing litany of regulations, the cost and time involved is increasing rapidly. Manual audit work takes a significant amount of time, as a report must be produced for each firewall in the network. As networks grow in complexity, auditing quickly becomes a colossal task. Automating the firewall audit process is crucial, as compliance must be continuous, not simply cover a point in time. Network security management solutions automatically document all firewall and policy changes, and produce audit-ready reports – saving time and effort.
Making Cloud Migration a Success
According to the latest Gartner research, 90% of its customers are using cloud services. It is a multi-billion-dollar revenue generator, and one of the fastest growing market segments. But, too often, security falls down the priority list during the migration process, causing problems in the long run. A recent cloud security survey found that 75% of organizations were ‘very concerned’ or ‘extremely concerned’ about it. And 68% said they used two or more cloud providers, which meant that security teams often have to use multiple native security tools and management consoles to try and enforce security and compliance across the different environments.
To ensure successful cloud migrations, organizations need to take a considered and gradual approach, understanding that the responsibility for managing cloud security and compliance remains at their door. This demands a deeper understanding of cloud security controls and how they connect and interact with on-premises security devices – which, in turn, demands holistic visibility across both cloud and on-premises environments, and automation of network security management processes.
In the shadow of a challenging year, now is a good time to take stock of your network security processes, and ensure that you implement these best security practices for 2021.