Today’s information security landscape is continuously evolving, and as attack vectors continue to change, breaches are becoming more frequent and sophisticated than ever. The security measures of five years ago are no longer adequate.
The “golden rules” from yesteryear went like this: run antivirus software, don’t write your password on sticky notes, don’t click on suspicious links, select strong passwords and vary them.
While all of these rules still apply, the reality is that yesterday’s robust security measures are nowhere near sufficient to combat the dangers of today’s complex threat landscape, and there is a continuous need for organisations to adapt to this increasingly hostile environment.
With that in mind, here are seven key observations to help safeguard data against the rapid pace of change in enterprise security.
1. The end of generic ‘best practices’ security
Compliance is a starting point, not a security programme, and organisations that are still checking the boxes on the audit report run the risk of a security breach. This is an important conversation to have with the board, and one that can be used to drive the culture towards security that’s specifically tailored to the business.
2. Patching needs to be a daily event
Flaws in applications, services such as DNS and foundational software mean that companies cannot afford to wait a month or more for patches to fix security vulnerabilities. Therefore, organisations should ensure they can manage at the application level, with instant remediation across workstations, mobile, servers and clouds, to respond without having to push new desktop images.
3. Personalise security
With attack vectors ever evolving, it’s getting increasingly difficult for IT and security professionals to differentiate the malignant from the benign. Targeted attacks go after individuals with personalised messages from a seemingly trusted source, and organisations are at risk when an attacker finds a vulnerable target.
More workplace education is necessary, but it can only do so much. Organisations that are hardening must reduce their default attack surface as much as possible, and containment strategies will help to keep security attacks at bay.
4. Expect breaches
Breaches, formerly denied or discussed only in secret, are now a reporting requirement for many organisations. A prescribed approach to incident management includes both technical and reputational responses, and virtualising all browser-based access has become a leading practice for containing attacks against popular entry points for organisational breach. Containing breaches and their impact has been a deciding use case for app virtualisation across governments, healthcare and financial services.
5. End-to-end encryption is essential
Criminals are aware of the value of encryption, with ransomware leveraging encryption as a weapon. It is therefore crucial for encryption to protect sensitive data within and between applications from desktops to mobile. Control encryption for endpoints through app and desktop virtualisation, on mobile devices with enterprise mobility management, and for cloud and web apps with an application delivery controller with an embedded web app firewall.
6. Security begins with access
A deep understanding of highly situational context is necessary to control identity, authentication, authorisation and access control. IT professionals must ensure they implement the ‘5Ws of access’ for both employee and non-employee access. It is also important to use virtualisation to provide fine-grained access control for privileged users and to ensure that there is no direct access to sensitive data.
7. IT has competition
Many end users think they can do computing better themselves and in many ways, they can – but not for security. To stay ahead of the competition, ensure that shadow IT, unsanctioned BYO and the use of consumer-grade apps, clouds and services for sensitive data are replaced with IT-controlled and sanctioned offerings. This can be simplified for users by enabling single sign-on, improving their access and automating a superior experience across devices.
This is by no means a prescriptive or even exhaustive list. The demands on information security teams will not ease anytime soon. Organisations cannot afford to ignore the growing threat of attack vectors, as the methods attackers use to exploit them will grow exponentially with the arrival of more and more connected devices, people and locations.
What does the future hold for information security? Looking back from the future, today will likely appear easy compared with what’s to come. With the small matter of the Internet of Things on the horizon, the challenge to protect data has never been more relevant.
Sourced from Christian Reilly, CTO, workspace services division, Citrix