Friday, May 30, 2014

DEBUNKING THREE COMMON NETWORK SECURITY MYTHS

Over the past decade, we have seen tremendous progress and evolution in practically everything - the birth of Y2K, which spurred the internet revolution, giving birth to eCommerce and, years later, the explosion of social networks and social media. With all this activity and the increasingly competitive pace of business, companies need to arm themselves against the equally dynamic security threats that lurk on the sidelines. However, like a good troop gearing up for battle, we need to clear away the distractions that may make or break the game. We can start by weeding out the don'ts from the dos of internet and network security.

Myth No. 1: Firewalls are all the protection we need from malicious network traffic

Historical Overview: Firewalls offer network security protection by preventing and restricting user access to computers inside an internal network. Firewalls provide good perimeter security for networks, and some come with Unified Threat Management (UTM) options that provide Online Business Software such as antivirus, antispam and web filtering, and sometimes Intrusion Prevention System (IPS) and Intrusion Detection System (IDS) functionality, with the goal of giving enterprises and SMEs all-in-one protection.

The Truth Unveiled: An all-in-one UTM firewall in a single appliance, with integrated online business software and hardware, may seem to be the most foolproof solution an enterprise could have. However, hacker attacks and vulnerability threats become more specialized and complex over time. Most UTM firewalls can no longer serve applications and systems that require in-depth protection against complex application-specific attacks. Such application-layer attacks and vulnerabilities cannot be solved or prevented by network firewalls, IDS/IPS Online Business Software, or Transport Layer Security (TLS) and Secure Sockets Layer (SSL) encryption. Web, email and efax, instant messaging and VoIP are some of the applications that remain unprotected when ordinary network firewalls are deployed. Because these attacks come through the same door as network-layer traffic, malicious application-layer attacks are treated as normal web traffic and therefore cannot be detected or stopped.

What You Should Bear in Mind: Each enterprise has different needs for applications and customized Business Software Packages, so the concept of a one-size-fits-all, all-in-one firewall may not be appropriate for every company. What works as protection for a manufacturing company, via an Online Business Software or a specialized Business Software Package, is not guaranteed to work for an ecommerce company. If you're an enterprise that wishes to achieve the utmost security protection for all its applications, make sure that security at every OSI layer is considered, from Physical Layer security to Application Layer security.

Myth No. 2: My network is safe because it is secured through both software and hardware methods

Historical Overview: Network security administrators deploy a combination of hardware appliances integrated with an Online Business Software or specialized Business Software Packages that complement them, with the goal of providing protection from inbound network vulnerabilities and attacks. Most vendors of hardware and software security products focus on inbound security threats because, back in the day, computer networks and data were usually accessed from within a confined office environment. In addition, mobility and remote access were not yet common and flash disks were not yet widely used back then, so the old security measures proved effective at that time.

But as today's generation becomes more computer- and internet-savvy, and as businesses find mobility, remote access and on-demand computing a great advantage, they initiate and encourage the use of laptops, PDA phones, flash disks, external hard drives, etc. These gadgets and devices allow more productivity but pose risks to outbound security.

The Truth Unveiled: Because network firewalls, as an example of a hardware appliance, focus on inbound security threats, threats brought about by internal or 'trusted' users are sometimes not considered. Mobile devices such as laptops and flash disks are used by internal employees daily for field presentations or home computing, so it is inevitable that they connect to unsecured networks or other Online Business Software. Once they do, the devices may be compromised by viruses, spam and other malicious programs. The problem arises when they connect to the office network. Because they are already inside the network, they have access to almost all of the company's data, programs and files, as allowed by the administrator. If a laptop has been infected with a virus, it can then release the virus into the internal system.

What You Should Bear in Mind: If companies rely on firewalls and desktop antivirus for their email security, then this is another problem. Email misuse, data and content loss, and data leaks over social networking sites are just some of the outbound email security threats that, to this date, have been among the major problems of enterprises and SMBs alike. The growing popularity of communication channels adds to the problems businesses face day in and day out. The proliferation of electronic media channels, which include blogs, webmail, instant messaging, email, social networking sites and file-sharing media, is rapidly becoming a major concern for IT professionals. Although some Business Software Packages are offered to address some of these concerns, some offer only partial solutions in certain areas. In some instances, they have not been perfected, so the threat continues to rise. To handle the risks posed by these new Online Business Software programs, companies need to be equipped with outbound messaging security solutions that address data security and leaks, regulatory compliance, and outbound spam sent by botnets and zombies, which damages the company's domain and credibility.

Myth No. 3: DoS attacks cannot harm my network as long as I have antivirus and firewalls.

Historical Overview: DoS attacks are defined as vulnerability threats that attack the application layer of a network and cannot be addressed by antivirus and network firewalls. These attacks come in the form of ping floods aimed at web servers, file servers and other Online Business Software applications, which network firewalls and antivirus cannot distinguish because they appear as normal web site traffic.

The Truth Unveiled: When an influx of requests is sent to the servers, their natural course of action is to respond to those communication requests. However, if the incoming requests are massive enough, the web servers have difficulty responding. This causes servers to reset, lag or malfunction. When this happens, it normally shows up as the application slowing down or ceasing to function properly.

What You Should Bear in Mind: Such DoS attacks cause certain major Online Business Software applications to be compromised and certain services to have slow webpage response times, which has a negative impact on service reliability and ultimately translates to lost revenue. With DoS-related attacks on the rise, businesses need to arm themselves with web application firewalls and application delivery controllers with anti-DDoS functionality, and maybe consider cloud-based Business Software Packages that offer more protection and SLAs (this is, of course, dependent on the providers' credibility and the product per se). They can also install proxy servers or use a Virtual IP address to obscure the true IP address of applications and protect them from attacks.
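An added illustration (not from the original post) of why the flood described under Myth No. 3 passes a port-based firewall rule yet becomes visible once requests are counted per client, as a web application firewall or application delivery controller would. The log records, addresses, allowed ports and thresholds are all constructed assumptions.

```python
from collections import defaultdict, deque

ALLOWED_PORTS = {80, 443}   # assumed perimeter rule: permit web traffic only
WINDOW_SECONDS = 10         # assumed sliding-window length
MAX_REQUESTS = 20           # assumed per-client ceiling inside one window

def build_sample_log():
    """Constructed records (timestamp_s, src_ip, dst_port, path); not real traffic."""
    log = []
    # Three ordinary clients, one request every 5 seconds each.
    for i in range(12):
        for ip in ("198.51.100.10", "198.51.100.11", "198.51.100.12"):
            log.append((i * 5.0, ip, 443, "/index.html"))
    # One client sending 200 requests in 10 seconds to the same allowed port.
    for i in range(200):
        log.append((20.0 + i * 0.05, "203.0.113.7", 443, "/search"))
    return sorted(log)

def port_filter_allows(record):
    """Network-firewall view: the decision uses only the destination port."""
    return record[2] in ALLOWED_PORTS

def find_flooders(log, window=WINDOW_SECONDS, limit=MAX_REQUESTS):
    """Application-layer view: count requests per source in a sliding window.

    Returns {src_ip: timestamp at which the source first exceeded the limit}.
    """
    recent = defaultdict(deque)
    first_exceeded = {}
    for ts, src, _port, _path in log:
        q = recent[src]
        q.append(ts)
        # Drop timestamps that have fallen out of the window.
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > limit and src not in first_exceeded:
            first_exceeded[src] = ts
    return first_exceeded

if __name__ == "__main__":
    log = build_sample_log()
    passed = sum(port_filter_allows(r) for r in log)
    print(f"passed by port filter: {passed} of {len(log)}")
    for src, ts in find_flooders(log).items():
        print(f"rate limit exceeded by {src} at t={ts:.2f}s")
```

Every record passes the port rule, so the flood is indistinguishable at that layer; only the per-source count separates the one noisy client from the three ordinary ones.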

I can go on and on with the myths that I think are worth talking about, but that will have to wait until my next blog post =).




