Network security
Network security is an integral part of network infrastructure. As our network security needs evolve, email security, gateway protection, web/content filtering, data loss prevention, application control and email encryption may all be potential areas of concern for customers. However, how do you stay ahead of the pack by avoiding the cookie cutter approach and helping your customers select the right solution for their needs?The network security landscape is constantly changing. There are many organisations offering solutions and protection from malware and threats to the protection of an organisation’s information bank. As the competition intensifies within the security appliance industry, it is important to ask yourself how you will not only survive today’s challenges in delivering what your customers want, but also survive tomorrow? Key to success is identifying your customers’ needs, tailoring a solution to address those needs and adapting your systems and processes to address the changing needs of the future. Following are some of the areas of concern for customers that resellers should consider when it comes to offering targeted solutions.Prevention of Email/Webmail Borne Threats Let’s face it, email has become an intrinsic part of our lives and most of us cannot imagine life without it. Whether it’s for personal or work reasons, we rely on email as an essential means of communication. It is estimated that in 2010, 107 trillion emails were sent worldwide with roughly 294 billion of those sent on a daily basis. Unfortunately 89.1% of these were spam (tinyurl.com/5s8nfrm). Hackers, scam artists and people with malicious intent see email as an opportunity to infiltrate computers with email-borne viruses. In order to prevent this, all emails entering the network must ideally be evaluated and approved before reaching the inbox. Possible Solution: An email security solution should be able stop the majority of spam at the connection level, freeing up valuable bandwidth. Resellers should ensure the ‘security throughput’ of solutions provides sufficient capacity to accommodate existing and predicted bandwidth requirements. Emails should be scanned for malware and the message and any attachments should be checked for links to undesirable websites. An end-user quarantine can delegate control of questionable emails away from IT. HTTPS inspection extends the same level of security to web-based mail. Data Loss Prevention (DLP)According to KPMG’s Data Loss Barometer, in 2009 alone, more than 113.6 million people were affected by data loss (tinyurl.com/3baz2fz). Organisations not only need to protect themselves from incoming threats, but also insulate their systems and processes from allowing sensitive information leaving the company. With the evolution of web-based applications, organisations are still largely uncontrolled and unmonitored when it comes to employees using email, social networks, webmail, file transfers and more. Statistics show that data-in-motion accounts for more than 83% of all data loss violations and that 73% of data loss violations are accidental. Apart from communication, employees rely on email as a central filing system where they store the bulk of their critical business information, dramatically increasing the probability of leakage of confidential data. Possible Solution: To avoid data leakage, organisations need to have a comprehensive DLP solution in place. Such defence-in-depth solutions protect networks from inbound threats to data (such as malware), and outbound DLP measures to prevent confidential and sensitive corporate information from exiting the organisation.Safe Web BrowsingOrganisations need to focus on extending their security boundaries beyond email protection. The potential of installing a virus onto a computer’s hard drive is heightened when surfing questionable websites. With the shift in work practices and more virtual offices around, it is no longer possible to monitor what websites are being accessed by staff on a day to day basis. Inappropriate sites can be easily and unintentionally accessed by employees either from the workplace or from remote locations. Employers need to control how and what applications can be accessed or utilised for individuals and groups with acceptable use and application controls.Possible Solution: When adding a comprehensive web security subscription, customers can extend their ability to prevent leakage or exposure of sensitive or confidential data-in-motion across web channels. Employers need to look at options which reduce bandwidth consumption and server loads with critical web traffic enhancements for a less expensive, secured and better performing network. They also need to control how and what applications can be accessed or utilised for individuals and groups with acceptable use and application controls.Email EncryptionAn email message may pass through several waypoints across the world before reaching its intended destination. Each of these pass along the message in-the-clear, meaning your email, including attachments, is available for anyone to read and steal, much like mailing a postcard. A single weak link along this path may compromise the confidential information of a message and can potentially result in leakage and exposure of sensitive information. The consequences, including brand erosion, loss of customer confidence, financial repercussions, legal penalties, regulatory violations and fines, and public embarrassment, can be detrimental.Possible Solution: Email encryption solutions have historically had low uptake due to the difficulty in using them. Modern solutions can help by automatically triggering email encryption based on policy, content, sender and recipient including mobile devices, such as iPhones and Blackberrys. ‘Replies’ and ‘forwards’ of encrypted mail are also encrypted. When combined with a DLP solution, email encryption allows safe communication of sensitive information where authorised.Secure Remote AccessWork patterns are changing with more staff working remotely from home and virtual offices. These emergent work practices not only demand more robust communications capabilities for an organisation, but also call for more ramped up network security. The risk of an intrusion significantly increases when employees are working from a remote location, such as home computers or laptops. Scanning all major protocols, including HTTP, HTTPS, FTP, TCP, UDP, SMTP and POP3 is necessary to ensure traffic entering the company’s network is not going to compromise the confidentiality and safety of private corporate information.Possible Solution: Secure remote access solutions provide reliable client and clientless connectivity to corporate data and resources, such as email, file shares and CRM. These all-in-one appliances offer the flexibility to provide basic access to networks with an auto-loading client, as well as more sophisticated access to web-based resources.Application ControlDid you know that if Facebook was a country it would be the third largest in the world? With this new social media revolution, new internet and social media applications are a common source of vulnerabilities and attacks. IT pros are faced with the challenge of managing or controlling a vast array of web applications without hindering productivity. Furthermore, some applications also use evasive techniques like encryption, and exploit the poor distinction between ‘web site’ and ‘web application’. No longer does a traditional firewall with only port and protocol numbers suffice; businesses need to set granular controls and clearly understand their purpose.Possible Solution: Solutions which combine user awareness (via directory integration), application control and security are considered next generation firewalls. Not only can they provide several layers of security, they allow new levels of control and access which enable IT to accommodate the most complex business requirements. Perhaps only the marketing department is allowed Facebook access during business hours, but only to maintain the corporate Facebook presence, not play games or use the Facebook chat facility. Need to block evasive proxy avoidance tools at a school done.Customer relationships are built on trust and exceeding their expectations. Keeping in mind the following points, in addition to the above solutions, will help you achieve lifetime value from your customers:
- Offer solutions that not only meet the customers’ current needs but may be adaptable to the future needs with minimal outlay.
- Ensure the security throughput of solutions provides sufficient capacity to accommodate existing and predicted bandwidth requirements.
- Offer a defence-in-depth strategy using multiple anti-malware engines eliminating the need for multiple appliances.
- Ensure the solutions offered are easy to install.
- Solutions offered should be able to grow with the changing business needs without having to outlay additional capital for new hardware.