Mitnick In The News
This week's five: Look beyond guards - Investigate your IT
This Week’s five is a weekly column on five recent reads from all over the web. This week, we’ll talk about IT security.
“I get hired by companies to hack into their systems and break into their physical facilities to find security holes. Our success rate is 100%; we’ve always found a hole.”
How do you feel when you go back to your workplace after a weekend, switch on your computer, go through your accounts, and find out that nothing bad has happened? Lucky? Well, probably not. It might be just another day at work for you. But, trust me when I say this, you should definitely feel lucky. There are many not-so-lucky ones out there. Anthem wasn’t so lucky when its database that contained as many as 80 million employee and customer records was hacked in 2015. eBay wasn’t so lucky when 233 million customer accounts were compromised in 2014. IT security attacks may have been the work of lone hackers or small groups in the past, but now professional groups have emerged, coming up with something new every day.
These professional groups have led to new trends. Earlier, IT security used to be a sentry on guard. Now, to avoid future breaches, enterprises have to use intuitive detection based on data forensics and monitoring tools. In addition, more and more security breaches are now going public, alerting other enterprises.
Speaking of breaches, according to Gartner, “By 2018, the need to prevent data breaches from public clouds will drive 20% of organizations to develop data security governance programs.” So, why are breaches so important? And where do they come from? According to a report from PwC, nearly three quarters of small to medium-sized enterprises (SMEs) fell victim to data breaches last year. Never thought about how your smartphone could cause a million dollar loss? Well, it can. According to the report, a third of those breaches occurred through user devices.
In an era of smartphones, enterprises are left with no choice but to include BYOD in their policies. What they need is a centralized system to keep an eye on all the mobile devices that are connected to their network. And as a matter of fact, such systems do exist. MDM (mobile device management) allows enterprises to monitor and keep track of mobile assets, perform remote locks and data wipes, configure policies for accessing enterprise resources, and much more. While many enterprises have already deployed MDM, it is critical that they include special BYOD provisions, such as devising profile strategies and selective access.
Now, BYOD is a big deal, but it’s just one threat magnet from a bag full. You can’t fight them all. Sometimes you need to work one step ahead and, as I mentioned before, act more like a detective and less like a sentry. The best way to do that is by investing in SIEM (security information and event management). SIEM not only keeps track of all event logs, it also mitigates internal threats, reports user activities, monitors regulatory compliance, and conducts log forensics. In short, it acts like Sherlock Holmes for your IT, always looking out for discrepancies and threats.
But where’s Watson? How cool would it be if your Sherlock got a complementary partner who could add to the forensics, like Watson? Another Gartner prediction says that, “By 2020, 80% of new deals for cloud-based cloud-access security brokers will be packaged with network firewall, secure web gateway (SWG), and web application firewall (WAF) platforms.” Firewalls might guard your perimeter, but this alone will not make your organization secure. The only way to ensure security is to continuously monitor the logs generated by your firewalls and other security devices. Logs normally contain a wealth of security information and could even provide vital clues on security incidents waiting to happen. Manual approaches to firewall log management and analysis are time consuming and error prone. Instead, you need a firewall log analysis solution that significantly improves your IT security. A system like that could finally be your IT’s Watson.
You can’t talk about event logs and device monitoring and not mention AD (Active Directory). According to a recent survey by ManageEngine, 70% of Windows environments are at risk of malicious attacks. And for a domain-based network, AD is the key to everything. AD permits enterprises to recognize and secure their information assets. Moreover, it enables enterprises to monitor information access and usage. Audits and inspections provide further useful information on unauthorized usage and potential abuse of access rights and privileges. So, monitoring AD also becomes essential for security.
So where do we go from here? To Sherlock? To Watson? Or maybe to some MDM provider? It’s all hectic and tiring, isn’t it? Why wander between different vendors when the key to managing your IT security is just one click away? ManageEngine applications not only secure your IT, but also simplify your entire IT management. You just figure out what you need, and we’ll provide.