Limited network visibility equals limited control, which in turn increases information security risk. The network...
security challenges enterprises are up against are as simple as that. A large part of this is based on the complexity of enterprise networks. There's a direct and quantifiable relationship between the systems, applications, vendors, processes and people in an environment, and the number of security difficulties it encounters.
Month after month, enterprise IT and security professionals are forced to deal with more and more "things" piling up on top of the already enormous heap of things to secure. It's not all that different from the never-ending pile of stuff in your inbox. Some of it's based on lack of resources, while some of it's by choice. That's precisely when the security issues on your network go undetected and breaches occur. Take, for example, all of the mobile devices on your network or cloud applications being used every day. There's stuff going on right under your nose that no one has yet to discover. If you don't know what's where, you can't possibly begin to secure it.
How to know and secure your network
To properly secure an enterprise network and its information assets, it's essential to understand the network far better than an adversary ever could. In this article, we'll review three important steps you can take today in order to define, assess and secure your enterprise network.
- Understand what information is where and how it's currently at risk. Many organizations have yet to perform an in-depth security review, while others are not looking in all the right places. You won't be able to claim that everything is under control until you determine where things stand. This can start with an inventory of your network systems. I've never seen nor heard of a current system inventory, even in the smallest of environments. You eventually need to analyze where your sensitive information is located. An information classification system you might already have in place is a good start, but you have to dig in deeper. Look on mobile devices, open network shares and cloud applications. It's easy to assume that there's nothing of value in these areas -- executives claim that all the time -- but once you get more network transparency, you'll likely be surprised at just how much information is currently out of your control.
- Get to know your tools like nothing else. Quite often we have all the information we need. We just don't know our tools well enough -- or have them working together -- to get to what's important so we can fully understand what's happening on the network at any given time. This goes for such basics like firewalls and logging systems. Even if it's not part of your daily tasks, you should learn more about your vulnerability management software, data loss prevention tools, log management or security information and event management systems and the like. Whether you're a hands-on technician or a high-level manager, the more information and events you and your colleagues know about, the greater oversight and accountability you'll have, which will ultimately help to lower your information risk level.
- Shore up your priorities. While seemingly boring and unimportant, time management has a tremendous impact on the level of information security you're able to attain. Going beyond yourself, you need to understand what's important to the business. Every for-profit business' core goal is to acquire and retain customers. Government agencies and non-profit organizations have to fit their operations within a specific budget. How is your work in IT contributing to that bottom line? You need to be able to develop a means for assigning business value to the varying information assets and then communicate the current levels of risk to people outside of IT. What solutions are you proposing? Are there ways to simplify all the moving parts in your environment?
I've seen IT and security professionals thrive on network complexity, and while it can certainly be good for job security, it's not good for your security posture. Likewise, I've seen management refuse to sponsor information risk assessments because they know that once the risks are documented, they have to be addressed. Your business can't afford these political complexities.
Enterprise networks are larger and more complex than ever, but that can't be an excuse. You have to get -- and stay -- on top of what you have and what's taking place in your environment. In the end, it's the things you do to minimize the impact to your business that matter most. Tweak your strategies. Know your network. Focus your efforts. Manage tasks proactively and be prepared to respond. That's the secret to all of this.
Explore non-traditional approaches to network visibility
VMware tools that help admins gain network visibility
How network flow analysis improves visibility