Over the past few years, companies have seen the adoption of new technologies and new ways of working explode. While these changes are a powerful thing for businesses, they are increasing the threat surfaces of organizations, and the technology and processes companies have in place to protect them are not keeping pace with the speed of this change.
This change is being driven by five huge global IT trends:
1. Cloud Computing and Server Virtualization
The cloud offers considerable benefits for companies such as scalability of compute power and resources – reducing costs and allowing smaller businesses access to the systems they would never previously have been able to touch. However it does raise natural concerns around security.
2. Mobility
Today’s workforce is increasingly disparate – either travelling between offices or working from home. While generally good for productivity, a mobile workforce presents its own problems for IT management, from device and application management to controlling where connections come from.
3. BYOD and the consumerisation of IT
The consumerization of IT through the move to Bring Your Own Device (BYOD), has been – and continues to be – a massive challenge for IT departments. It has even lead to some in IT circles referring to it as “Bring Your Own Destruction”.
4. Third-party collaboration tools
As businesses have become more disparate, the tools they need change, part of this is the need to collaborate using third party tools. Unfortunately many of these platforms, for example Slack or more recently Google Docs, have all had security weaknesses.
5. The Internet of Things (IoT)
The rise of the IoT means that corporate networks can now have any number of different devices attached, from climate controls to lighting. You don’t have to look far in the news to see that these are all potential weak points.
In face of the expanding threat surface, how can companies continue being flexible with their IT provision, while at the same time reducing security threats? The good news is that there are a number of areas IT departments can focus on to help contain their expanding threat surface, these include:
Keep Critical Data On-Premises and Encrypted
On-premises and encrypted data provides an enterprise with a greater sense of control compared with having their data in the cloud on third-party storage provisions. Encrypting on-premises data helps further lessen the blow of potential cyber-threats while keeping your data secure.
Monitor Your Systems Real-Time
Investing in a good monitoring solution, which is deployed on-premises provides IT departments with a proactive and reactive arsenal with which to fend off cyber-threats. Monitoring systems in real-time while applying security policies enables IT departments to better control data and in turn their infrastructure.
Layer Threat Protection
A singular line of defense in the form a universal security policy is no help in mitigating today’s cyber-attacks. Layering threat protection in the form of uniform security policies across all devices, multiple forms of authentication for users across the business, including remote branches and remote users, gives IT departments a better handle on security. Adding positive and negative threat detection with signatures to the security mix helps create a barrier from all angles.
No cybersecurity effort is going to be 100% effective or foolproof, but by updating their security tools to match technology advancements they can keep data secure and give IT greater control while catering to the flexibility needs of the workforce.
The only way to address the growing attack surface is to create a comprehensive strategy, integrated controls, end-to-end security mechanisms, monitoring, reporting and analytics.