The information and communications technology (ICT) sector is one of the main driving forces behind organisational competitiveness in the modern business environment. Modern businesses increasingly rely on network-supported technologies, such as cloud computing, mobility and the Internet-of-things (IoT). However, security concerns loom in today’s complex, ever-changing environment, with employees seeking mobile convenience and organisations struggling to ensure that these demands do not compromise security.
Mark McCallum, CTO and head of solutions, sub-Saharan Africa, Orange Business Services, explains that with the influx of international and local businesses into Africa, it is becoming imperative for businesses to properly embrace the digital transformation. “With the escalation of security threats, several ICT policies and practices are being pushed to the limits and this results in a growing need for hybrid network enabled security,” he says.
Successful organisations are moving beyond traditional and superficial approaches to security to focus on more intelligent and metadata driven approaches to a hybrid network enabled security. By leveraging a systematic understanding of big data, enterprises can more holistically improve their security positions and ensure big data remains an asset, and not a liability. One of the major issues with big data is the rate at which it is growing and volumes of data that are being added each day.
The key to protecting ones business against these multiple threats is to take a holistic approach to security and have a strategy in place to mitigate the impact of breaches, as quickly as possible, through a comprehensive and proactive approach to security.
Below are 10 tips to assist in building multi-layered security that protects data and infrastructure, while keeping your business competitive in the digital world.
1. Break boundaries with network-based security: traditional approaches to security rely on many different solutions installed at the boundary between a “trusted” private business and the “untrusted” public Internet. Overwhelmed enterprise IT security professionals are demanding a network-based solution that is specifically engineered for the cloud, mobile, IoT and open API era where there is no fixed network perimeter.
2. Take a strategic approach: Security experts from a CyberSOC can help you prioritise which data is most important to your business and outline ways to reduce attack risks. Understand cybercriminals’ objectives, be those monetary, ideological or competitive – rather than focusing on system vulnerabilities alone.
3. Gain insight with a security information and event management (SIEM) platform: it correlates security alerts and turns them into actionable intelligence. SIEM can help identify malware and abnormal application access requests to detect intruders in your network. Big data analytics powers real-time threat visualisation, dynamic incident response and post-event forensics.
4. Dynamically match infrastructure to business requirements: choose the most appropriate network based on the business criticality of the data travelling on it, such as private WAN, or secured public Internet connectivity with a private, shared or public gateway.
5. Deliver security from the cloud: it is vital to have consistent security protection across your entire IT infrastructure – including mobile devices. Use security protection in the cloud to block suspicious data before it even reaches the end-user.
6. Authenticate users for all enterprise resources: federated identity and access management (IAM) scheme gives approved employees and partners access to cloud and on-premise applications from any device using a single login. Multi-factor authentication protects VPN access over unsecured Internet connections.
7. Protect data in public environments: Sensitive data, such as customer records in Salesforce, should be encrypted and tokenised before being processed or moved between public and private clouds.
8. Look beyond standard IT infrastructure: operating technologies in the manufacturing, oil, gas, water and electricity sectors are now online and data increasingly processed in the cloud. Industrial control systems and SCADA systems need protection too.
9. Protect the Internet of Things (IoT): the devices that make up the internet of things are a potential weak link in your security chain. The dangers posed by insecure protocols and unpatched firmware accelerate dramatically when you consider the number of devices that are out there.
10. Investigate virtualisation for a more dynamic network: in the future, you will be able to provision different types of virtual security appliances in response to real-time threats using a NFV control plane. While the SDN controller will be able to steer, intercept or mirror the desired traffic for security inspection, creating a security service chain.