Occasionally folks forget about covering the fundamentals of security and start off down a rabbit hole following some shiny new technology that turns out to be just a rat hole. With today's limited security budgets you need to be sure that you've adequately covered your highest risk areas before moving on to other things. The high-risk areas are, of course, not the same for everyone and will change on you fairly frequently. The bad guys are always mixing it up; the attacks we see prevalent today are not those that we saw just a few years ago. Thus the reason for this article, to take a look at the top 5 security solutions you can put in place today to cover the widest scope of current and emerging threats. In many respects these solutions are considered obvious "no brainers". But, you'd be surprised by how many companies (big and small) that don't have them in place. Many times it is the obvious that temporarily escapes us (or at least escapes those holding the purse strings ☺)
These 5 items working together will stop more cyber attacks on your data, network and users than any other 5 items in the marketplace today. There are lots of other very useful security solutions on the market but when it comes to picking the top five most effective and readily available ones here are my choices:
Firewall – The keystone of network defense for a decade or more is still required for solid foundational security. Its job is still fairly simplistic; control what data flows can go where. Without firewalls in place to drop unwanted flows, your job of protecting your assets increases exponentially. Firewalls need to be present at your external perimeters but also inside of your network for secure segmentation of data. Deploying firewalls internally is a relatively new best practice. It is largely driven by the dissolution of any sense of a tangible, reliable network border that can differentiate trusted network traffic from untrusted external network traffic anymore. Our nice clean Internet border of old just doesn't exist anymore in modern networks. What has also recently changed is that firewalls are getting smarter and more granular in there definition of data flows. It is now common for a firewall to be able to control a data flow based on the type of application or even application function it represents. For example, a firewall can block a SIP voice call based on what number was dialed.
Secure Router (FW, IPS, QoS, VPN) – Routers are everywhere in most networks. By tradition they have been used just as traffic cops for flows. But modern routers can do so much more than that! Routers are chock full of security features, sometimes even more so than a modern firewall. Most routers in the industry today are capable of robust firewalling features, some semblance of useful IDS/IPS functionality, robust quality of service and traffic management tools and of course strong Virtual Private Network data encryption features. The list doesn't stop there either. The power of modern routers to add to the security of your network is commonly overlooked today. With modern vpn technology it is fairly straight-forward to start encrypting all of the data crossing your WAN links, but very few people do so. It is also too atypical that folks use the firewall functions and IPS features in their routers. Turn 'em on and see your security posture improve!
Wireless WPA2 – This is the no-brainer of them all. If you aren't using WPA2 wireless security then stop what you are doing and form a plan to start doing so. Many other methods of wireless security are not secure and can be compromised in minutes. Don't make it easy for the bad guys, turn on WPA2 with AES encryption today.
Email Security – We all know email is currently the top attack vector used by black hats. Viruses, malware and worms all love to use email as their propagation method. Email is also the top way we loose most of our sensitive data. On top of the threats and data loss we experience through email we also have simple junk mail, spam. About 90% of all email sent today is spam! A good email security solution will get rid of the junk and filter out the malicious stuff as well. It is likely that if you are getting a lot of spam through your current system then you are getting even more malware through it. The thought process being that the spam features in email security gateways is usually the focus, core competency of the product. So if it is not doing its job dropping spam then it certainly isn't doing its job catching malware and data leakage.
Web Security – Threats coming from port 80 and 443 are rising faster than any other threat vector today. The expanding complexity of web based attacks necessitates that a company deploy a robust web security solution. Simple URL filtering has been with us for years and it is a core component to web security for sure. However, web security needs more than just URL filtering it needs AV scanning, malware scanning, IP reputation awareness, dynamic URL categorization techniques and Data leakage prevention functions. Attackers are compromising high profile sites at such an alarming rate that if we just relied on URL white list, black list filtering we'd have nothing left in the white list anymore! Any web security solution has to be able to dynamically scan web traffic to make a decision on its validity. Of all the solutions listed here, it is in web security where taking the risk of deploying a cutting edge, best of breed solution will pay of the most. The other solutions on the list are, for the most part established and mature. Web security solutions bells and whistles are coming out as fast as the hackers are building new attacks. Well ok, not quite that fast.
What are your thoughts on my choices for top 5 security no brainers? Think I got it wrong or right? If you had to add a sixth one what would it be?
If your company doesn't have all of these 5 in place today, go bang on some doors and raise the roof on awareness! Don't let it all burn!
The opinions and information presented here are my PERSONAL views and not those of my employer. I am in no way an official spokesperson for my employer.
Article taken from: http://www.networkworld.com/community/node/59971