Making your network safe from the traditional north to south perspective is no longer enough. In a digital world, micro-segmentation that secures it from east to west is also vital.
In the modern era of cyber-crime, ransomware and digital threat vectors, your infrastructure security is more essential than ever. After all, a successful attack against a company’s IT infrastructure can easily impact an organisation’s earnings, damage its reputation, and compromise its operations.
Therefore, it is important that your infrastructure security encompasses a full suite of solutions, explains Patrick Assheton-Smith, CEO of SymbiosysIT. This would include perimeter, network, application, endpoint, data, and cloud security, as well as cryptography management and security architecture.
“One of the major challenges with traditional security is it tends to cater more for traffic from a north-south perspective – essentially traffic coming from outside and entering your network through a firewall or across VLANs. However, as organisations move to the cloud and access to the network begins to change because of this, so a new method of securing things needs to be implemented,” he explains.
Enter micro-segmentation
This is where micro-segmentation comes in, as this is a security technique that allows you to logically divide the network into distinct security segments down to the individual workload level. He suggests that by doing this, you can limit an attacker’s ability to move laterally – or east-west – through the network. This means that even if they get through the perimeter defences, at worst case, the damage they can do is contained.
“Of course, micro-segmentation at a high level is tough to achieve, and it is only getting harder. Where most organisations that play in this space focus on the hypervisor, we have instead partnered with Guardicore, which is agent-based – this means that whatever the machine, container or wherever it resides, there is true visibility. This is particularly important in solving one of the key network challenges, which is that they tend to be flat and littered with VLANs, which offer little visibility and are quite restrictive,” he points out.
“It is worth noting that the ‘Cisco Global Cloud Index 2018’ suggests that some 85% of network traffic today is east-west. When you consider that the dwell time after a breach is a huge 191 days – according to the Ponemon Institute’s 2018 ‘Cost of a Data Breach’ report – it means that without micro-segmentation, you are extremely vulnerable to a ‘low and slow’ attack, which is very difficult to pick up.”
If this happens and your network is locked down with ransomware, he adds, your backups become vital. Thus, your backup and disaster recovery strategy also needs to be solid.
“What Guardicore does is it allows you to deploy agents, inspect traffic and build a spiderweb that maps traffic across all systems. Moreover, because you can drill down to the process layer, you can build a secure system according to the specific rules your business requires.”
Assheton-Smith suggests that modern network security not only provides better visibility throughout your environment, but also allows you to ring-fence important apps, create third party access controls – for external contractors, for example – and protect older, tough-to-secure assets.
It also simplifies and accelerates compliance, enables secure DevOps, and improves detection, thus reducing dwell time. The key, he says, is to prevent lateral movement, through micro-segmentation, thereby eliminating a critical blind spot. And more, even if your security is penetrated, micro-segmentation helps to greatly reduce the ‘blast radius’.
The true value of data
Data is the lifeblood of any modern organisation and needs to be protected at all costs. Therefore, there are three important questions every business needs to ask:
* Do you know what data you have? The older, and more sprawling an enterprise is, the easier it is for these data islands to become ‘lost’.
* What does your data actually relate to? This is how you determine whether the measures you have in place protecting it are sufficient, particularly if the information is among your more valuable digital assets.
* Where is the data stored? This is also crucial, particularly in light of legislation like POPIA and GDPR, considering the fines that can be levied, should you be breached.
“Micro-segmentation works especially well with a complementary solution we offer called Groundlabs Enterprise Recon. This product provides data security through discovery and data classification – finding it and understanding how vital it is – as well as monitoring and reporting (to better understand the risk) and remediation, which is essentially the process of fixing the risk, once you understand what and where it is.
“With a solution like this, one that supports all data types and, on an enterprise storage level, supports all the key players too, means you are able to secure your data whether it is structured, unstructured, cloud-based, on-premise, distributed or remote.”
This solution, he continues, allows companies to quickly search for the data that they need to secure, by seeking out specific types of information that can then be classified according to format or type of data. It is a very powerful tool for finding all the information you have and where it is, he adds – two things you have to clearly understand before you can properly secure it.
“In today’s digital world, data is the world’s most valuable and easily traded resource, which is why it is more crucial than ever to protect it to the best of your ability. After all, if you think it is valuable to your business, imagine how important it is to cyber-criminals, and they do not care about the damage they cause to your company in obtaining it. Data should thus always be the centre of your world, and with SymbiosysIT on your side, we will help you ensure it remains that way – safe and secure,” concludes Assheton-Smith.