When it comes to the issue of security, there is great silence in the IT world. Enterprises do not know what protection mechanisms they use or when and how their systems have been attacked. Also the employees would like to ignore the attack of their systems with viruses, Trojans or worms.
The trend is growing
However, the built-in safety solutions quickly alarm. In this case, the colleague is often suspected of having called illegal pages. However, checking the browser history mostly shows that these accusations are unfounded.
Internet of Everything
The greatest danger is now from normal Internet offers. For example, the latest study, the "Cisco 2013 Annual Security Report," found that webshops 21 times and search engines 27 times more often malicious content than pages with fake software.
Checking in the network
Online advertising spreads even 182 times more likely malicious programs than about porn sites. Thus, managers, administrators and employees must adopt the idea that a ban or waiving the use of illegal offers is sufficient to avoid such infections of IT systems.
External Management
The danger of conventional Internet sites is being intensified by the increasing mixing of professional and private life. Many employees use professional applications and devices in private, whether in the office, at home or on the road. Through online shops, social networks or attachments in the private mail account, they can quickly capture malicious programs and transfer them to the corporate systems via the device or the application.
In turn, they also use their private devices at the workplace - the keyword "Bring Your Own Device" (BYOD). If these devices are not sufficiently secured, they are also a possible gateway for malicious programs on the corporate servers.
Employees, especially young people, are becoming more and more light-weight. According to the "Cisco Connected World Technology Report," many of the Generation Y employees are compromising on security when balancing data protection and the need for social and personal online features.
In social networks, for example, they often give personal information in order to use additional offers. According to the study, it is particularly noteworthy that more generations of generation Y feel more comfortable sharing personal data at shopping sites than the IT colleagues in their company - even though they are paid to protect their identities and devices Code>
Accordingly, more than 90 percent of young employees believe that the age of data protection is coming to an end - three out of five even say it's over. Thus, a large part not only provides personal data, but also company-specific information on the Internet.
At the same time, Generation Y expects free use of social media, new device types and mobile applications at the workplace. For example, four out of five young employees who know of IT policies in their company say they do not stick to it. Two-thirds even believe that IT is not in principle entitled to check their online behavior, not even when using company-owned devices in the enterprise network.
In the near future the "Internet of Everything" will increase the risk. As more and more people, things, and devices are connected to the Internet, more and more data are being transmitted from more and more places over networks of companies and service providers. Mainly links between machines (M2M) are growing exponentially.
This results in an "any-to-any communication," ie, the connection of each device and object across all networks with all cloud offerings and applications. By 2020, some 50 billion "things" will be linked to the Internet. The number of connections will be more than 13 trillion. Just adding an additional object will increase the number of potential connections by a further 50 billion.
These new links create data transfers that need to be controlled and protected in real-time. In addition, they are to be monitored transparently across the entire network so that they are not compromised and possibly cause irreparable damage.
Practical example Schneider shipping
With security, the focus moves away from the end point and the periphery to the entire network. Because of the extremely high dynamics of users, devices, applications, servers and network connections, the need for an intelligent, comprehensive security approach, which must simultaneously be highly scalable, increases. To this end, IT security will have to be combined with the Software Defined Networks (SDN) approach in order to separate the control from the data plane.
As a result of BYOD, Cloud Computing, and the Internet of Everything, the traditional network limits are being solved, a classic firewall and an intrusion prevention system (IPS) are no longer sufficient. Accordingly, network architectures need to include intelligent control and endpoints across the Internet.
While data centers and local networks are largely protected by traditional security solutions supplemented by specific approaches to BYOD and extended usage guidelines, new architectures are required for mobile workers or cloud applications. These include, in particular, cloud-based security solutions for web and e-mail usage, communications solutions and other frequently used applications.
Because security solutions work across the Internet and are therefore independent of the location, they are not only based on physical but also on virtual appliances. These have to be switched on to any company-specific applications or infrastructures, and therefore also to be independent of the device.
After all, the company can not know whether the mobile employee is using his or her own smartphone or tablet, a friend's or colleague's device, or a PC in the Internet Cafe or the hotel lobby. For example, employees are provided with up-to-date security solutions using a private or public device, such as Internet access and e-mail access, with company-owned devices providing full access to the corporate network.
Due to the high utilization dynamics, firm security guidelines for communication are now no longer sufficient. Instead, they must be flexible depending on the person, location, device and other criteria. This is called context awareness.
A further challenge is to update and manage the security solutions. Because they are cloud-based, it is obvious that they are centrally managed and scalable globally. Because companies often can not do this with sufficient security and reliability, or with a great deal of effort, they usually rely on external specialists.
They manage and update the security settings of the virtual appliances centrally and offer this as a software as a service. At the same time, the customer can then usually reduce or even partially remove his own permanently installed security systems and save the necessary maintenance.
However, this requires that the service provider continually checks the current threat and defers new threats through security patches, or relies on the solution of a vendor that provides updates to firewalls, IPS, e- Appliances and other security solutions. Only then are business-critical processes constantly protected.
Practical example Schneider shipping
No comments:
Post a Comment