The best security strategy amid explosive growth of users and devices
Technical Solutions Architect - Cybersecurity
What do a surveillance camera, a USB stick and a vending machine have in common? Years ago, very little. But today they are all connected, and each can be a point of entry for the bad guys looking to cause harm or expose your most important business asset: your data.
With connected devices expected to almost double in the next 4 years, businesses of all sizes and governments are starting to realize that a breach can come from the most innocuous devices, from baby monitors to railway systems. Imagine the harm a hacker could cause if he or she were to change the track control system.
Companies are also starting to grasp the depth and speed at which it can happen, often causing business and image damage that many don’t recover from. Take the Equifax breach as an example, which led to the exposure of financial and sensitive data of 143 million Americans. Now, after the admission that this was an avoidable hack, a company may, for the first time ever, have to pay actual compensation to the affected people, and the entire chain of command has stepped down, including the CSO and the CEO.
Scaling with security and simplicity
You know about the impact of a data breach, so the question now is: how do you prevent it?
Traditionally, there hasn’t been a silver bullet to take out all the threats. This is why there is a very diverse landscape of varying products, vendors and capabilities. The problem with this approach is that it creates a lot of complexity and holes in the security environment, as most of the time the products are not integrated or working with each other. Adding more boxes, speeds and feeds won’t solve the issue; it will just make the environment more complex and ineffective.
At a time when devices don’t stop multiplying, more in Asia-Pacific than anywhere else, we believe the best approach is to rely on the platform that connects them all - the network. All that’s needed is an embedded technology that will allow us to capture the flows of information that go through the network, establish correlations, learn baselines and decipher threats quickly.
Perfecting the art of using the network as a security asset is core to everything we do at Cisco. Eighty percent of the world’s data runs through a Cisco Network, making us best positioned to glean more intelligence from the network.
Cisco has an entire portfolio of best-in-class products and innovations that lead the industry. But today, we’d like to focus on one of the key tactical prevention methods very often underutilized: segmentation.
In essence, segmentation allows us to identify things and users and define the trust level we should provide between two zones, two segments, two hosts or even two processes. While this is not new, to this day it has remained manual, time-consuming and costly, even more so as the number of devices and users continues to grow. If you are a large company with a diverse set of user types (employees, contractors, BYOD, partners), then you have undoubtedly faced the challenge of properly segmenting these users, all the more so when the privileges of system and user are combined (BYOD and Internal User). This change and the influx of devices have made segmentation even more challenging.
Well, struggle no more. Cisco has recently launched Software Defined Access (SDA), which allows us to do the segmentation work automatically, without a physical redesign of the network. Thanks to SDA, we are now able to write policies once and apply them everywhere with a drag-and-drop action, automating them across every user, device and application on the network. This means that if a printer, or any other wired or wireless device, moves to a different floor, there is no need to reconfigure the network, as the policy follows the endpoint and user, including off the network via VPN.
The other great thing about SDA is that it makes it much simpler to separate the trusted from the untrusted. Keeping those two separate is critical, as many of the breaches we read about have directly exploited the trust relationship between users and applications or partners and vendor permissions. Recently, a large retail company was breached not by a threat actor using traditional techniques, but rather through the trust relationship with its heating and cooling company, which was allowed to physically plug into the network and access certain systems. The threat actor gained control of the laptop used by the non-IT technician and used this system as a jump point to gain access and steal internal data.
If you are in Asia, this capability is absolutely critical to your business success and growth. This is the part of the world where more hacks have occurred and where more IoT attacks originated in recent months and years. These can be prevented and all it takes is the network.
In the next blog post, we’ll discuss the 3 ways you can use the network for security purposes. Stay tuned!