What is the real correlation between data security, network speeds and network monitoring? Some say the higher the network speed, the bigger the risk to data security, and in turn the more difficult it is to monitor network activity. Is that true, or is that just a myth?
Ask the Expert!
Have questions about network security for expert Brad Casey? Send them via email today! (All questions are anonymous.)
Well, it really depends. Yes, the network speeds may result in larger volumes of data to monitor, but they also allow for better performance when processing encrypted traffic because the overhead that is inherent in all encryption becomes more transparent to the end user. So to me, this is a double-edged sword.
If your organization has the manpower, technology and know-how, then I would say that this is a myth. On the other hand, if your organization lacks resources in any of these three areas, then I would most definitely say this is true. Manpower allows for a greater division of labor and, at least theoretically, a quicker, more efficient approach to network monitoring. What is referred to in terms of technology is whether your network infrastructure has sufficient capacity to withstand the higher throughput. It may be said that this is basic with regard to how higher network speeds can help or hurt a given network. Know-how refers to the competency of those who are responsible for maintaining the network infrastructure. After all, what good are increased throughput and better technology if no one is capable of operating within the environment?
Furthermore, if your organization is really serious about security, and it's willing to allocate the money and aforementioned resources necessary to monitor network activity, then the difficulty quotient is nil. However, if you work for a startup and resources are hard to come by, then a high-speed network may be rather difficult to monitor with any degree of accuracy due to the large amount of data involved. I hate to be wishy-washy, but this question gives birth to answers with dozens of caveats.