IT admin must stop griping about emerging social trends
September 30, 2011
With the consumerization of IT and the prevalent use of
social media tools at the workplace, the tide has changed. It is time network
administrators look for better ways to control and secure their networks.
As Hollywood makes a quick buck on movies such as The Social
Network, IT administrators fret and get increasingly worried about the
potential security implications for their enterprise networks. Take, for example,
malware-laden "hot" links that capitalize on trends such as the
deaths of Amy Winehouse and Osama bin Laden: social media is yet another
avenue, among a long list, being used to propagate malware online.
Not that such fears are unfounded, or that security breaches
are things only large companies need worry about. In fact, cyber criminals are
oblivious to business size as every network represents a fair challenge for the
hacker and their army of bots.
Last year, an Information Security Breaches Survey revealed
that 83 percent of small businesses in the U.K. had experienced a security
breach and damages on average might reach 55,000 pounds (US$85,978). No such
study has been conducted in the Asia-Pacific region, but it should not be any
surprise if similar results are found, especially among digitally-enabled
economies such as Singapore, Malaysia, Korea, and Japan.
Aside from having to battle threats from the
"outside", danger emanates equally from within the enterprise.
With the consumerization of IT, employees are eschewing
their company-issued BlackBerries, replacing them with personal devices and
running on them hundreds of thousands of unapproved, backdoor-sy and
potentially dangerous applications. Remote backup, remote access tools and
file-sharing clients are just the stuff security nightmares are made of.
Even desktops and laptops that have been locked down and
patched can be circumvented by the latest malware equipped with the latest
exploits. Increasingly, we see malware authors using a sophisticated
combination of techniques, called advanced persistent threats (APTs), which
include social engineering, spear phishing and rootkits, to compromise and
steal data from companies--some as large as Sony and RSA.
IT administrators, thus, need to be prepared for the
worst-case scenario and prepare for when Trojans and bots enter their fortified
enterprise networks. They will have to deal with ever-increasing risks even as
upper management ignores their pleas and jumps head-on into social media, BYOD
(Bring Your Own Devices) and freely available applications in the search for
more business opportunities, lower costs and better productivity.
Instead of griping, IT administrators should look to newly
available security tools that will help them regain some semblance of control
over their networks. There has been one small piece of good news in recent
years with the development of network technologies operating at the application
layer (or Layer 7), which basically refers to the unique way all programs
communicate. This is important as all malware or applications, regardless of
platform or operating system, need to communicate, sending and receiving data
and instructions.
If your enterprise is only concerned about controlling
browser access to Facebook or YouTube, it's time to rethink your IT strategy.
Many of these Web sites are accessible using standalone applications on a wide
variety of devices, for instance, Dropbox and YouTube. Most of these are
designed to circumvent rudimentary firewalls and aging Web filters that control
access to a network simply by restricting port numbers or URLs. Imagine
allowing everyone through airport customs if they are over 2 meters tall, or
with the surname Tan!
Application control at Layer 7 removes this ambiguity by
scanning all network traffic and identifying all applications communicating
over the network. With close to perfect detection rates, network administrators
will be able to harness this technology to fully understand and control their
networks.
The important lesson going forward for any enterprise
network administrator is to think about how they can embrace new trends such as
BYOD, social media and cloud computing, and manage the associated risks as we
move toward an increasingly app-centric world.
My advice would always be to be on the lookout for new
technologies to help build upon the many layers of network security, and to be
proactive in deploying tools that provide real-time capabilities to constantly
monitor and mitigate threats that (will) occur.
And at the risk of sounding cliché, unless you are a
visually impaired Japanese master swordsman, a "blind" network is
essentially a broken one.
---Kostas, CTO, Niometrics