Mobile workforces, the Internet of Things (IoT) and public and private clouds have stretched network borders to the point where they’re no longer recognizable. When your network gateways can be virtually anywhere, how can you keep your critical data secure without grinding business to a halt?
It’s a tough question every organization must answer, especially when faced with increasingly mobile, on-demand workforces and the challenges they entail. In fact, IDC expects mobile workers to account for three-quarters of the U.S. workforce by 2020, while RightScale finds that today, more than three-quarters of enterprises are using private clouds and 71% have adopted a public/private hybrid cloud infrastructure. Add to that, an expected 30% increase in IoT use this year – accounting for 6.4 billion devices – and the challenges become even more acute.
As BYOD programs, cloud applications and IoT initiatives proliferate, enterprises are forced to open the corporate network and the critical data it supports to users, networks and devices they no longer can confidently monitor and manage. It’s no wonder we see a rise in threats emanating from within the network as opposed to outside it.
Cyber Threats Move Inside
Consider, for example, mobile malware that sets up shop on a trusted employee’s iPhone that travels via a corporate VPN to gain access to a company’s financial database. Or, a worker checking email at the corner Starbucks, only to have his credentials stolen via a common Wi-Fi attack. In both cases, attackers easily traverse the perimeter by riding the coattails of trusted internal network users to get the run of the place.
This is because most internal networks place their faith in increasingly ineffective perimeter solutions and consider everything inside the network to be trusted. Consequently, few have controls in place to ensure that attacks against one internal user don’t pivot and siphon off critical data from other internal systems.
Cybersecurity Focus Shifts
In perimeter-less environments, security needs to change to focus on:
- Layered defense: As perimeter defenses become less effective, organizations need to layer on additional solutions including behavior-based network and endpoint controls designed to ensure all users – external and internal – don’t open up the network to attack.
- Scalability: Security policies and enforcement need to work and scale across the entire distributed network, be it internal, mobile, cloud or partner-based.
- Visibility: All security solutions – from endpoint, network, application and data center controls to the cloud — must collaborate to identify threats that might be missed by a single tool alone, enabling threat data to be collected, viewed and managed from a single pane of glass.
- Actionable threat intelligence: Global and local threat intelligence should not only be shared in real time across the distributed network, but it should be funneled up and orchestrated through a central management console, enabling fast, efficient response to even zero-day attacks.
Our partner Fortinet’s approach to cybersecurity provides all these capabilities. Its security fabric weaves together a variety of discreet security solutions, enabling IT to coordinate and manage them efficiently while gaining a clear, centralized picture of all network threats. As a partner of Fortinet, CCSi can help you leverage the security fabric to improve visibility and share threat intelligence in, out and across borderless networks. Learn more.