Many believe Internet service providers should offer more aggressive cyberattack response services. Until that happens, what optional security services should an enterprise consider asking for from its ISP that aren't normally provided?
Ask the expert
Perplexed about network security? Send us your network security-related questions today! (All questions are anonymous.)
The ISP is perhaps the most important yet least considered entity in the realm of enterprise cybersecurity. Because it is almost always the first stop for individuals attempting to traverse the Internet, the ISP is typically in a unique position to help mitigate network attacks against its customers. However, many times, these mitigations come at a price.
For example, many ISPs will offer bare bones protection against various types of network attacks. Simply put, there is no financial benefit for ISPs to take anything other than a minimalist approach toward cybersecurity. However, if your organization is willing to pay, most ISPs will offer some sort of additional protection against things like distributed denial-of-service (DDoS) attacks and mobile device vulnerabilities. While ISPs offer a wide variety of security services, these two are ones to strongly consider. Let me explain why.
When it comes to DDoS, the default protection offered with your ISP's base Internet connection package may or may not be robust enough for your enterprise network. This is something that will have to be determined on a case-by-case basis. If the base package is not enough, I highly recommend purchasing extra DDoS protection. This often entails the ISP offering additional spoofing protection along with more downstream bandwidth to your network. That's not to say that pursuing additional DDoS defenses becomes unnecessary, but knowing your ISP is part of the defense matrix enables it to take action to head off small attacks before they become big ones.
Mobile device protection has gained tremendous popularity in recent years and is offered by many of the bigger ISPs. This often involves the downloading of an ISP-specific security application on each mobile device within a network. After it is downloaded, the ISP can monitor each mobile device within your network. Because it has a bird's-eye view of all of the networks within its autonomous system, an ISP can be quite effective at delivering up-to-date mitigations. This service is perfect for enterprise networks that have enabled bring your own device policies.
This was first published in February 2014