Much to the dismay of network administrators, IT security today is complex and multi-faceted, from the varied attack vectors to the different types of attackers themselves. But there is always one constant: the endpoint. When those endpoints are attacked, and end users cannot access services, data and applications, it is futile for a business to even host and offer them.
The client, that is, the device, not the human being using it, has undergone enormous changes over the last decade, thereby putting the burden on IT professionals to evolve their networks accordingly. The PC, with Windows 95, was the starting point. Next came myriad Microsoft operating system updates, followed by new form factors like tablets and smartphones, which introduced a whole new dimension.
With each new client, the applications changed as well. Browsers and apps opened up unfamiliar, sometimes encrypted, and sometimes proprietary, data channels, from the Internet right down to the file system. And of course, attackers have kept track of those changes and adapted their methods accordingly over the years.
To cope with these ever-evolving forms of attack, network administrators developed innovative defense mechanisms. Classic anti-virus tools were followed by sandboxes that tried to detect and block malware by offering these programs a limited, simulated runtime environment. The most recent approach uses micro-VMs, which try to contain malware within the kernel process level.
Additionally, businesses now use a whole arsenal of security measures, ranging from the humble password to two-factor authentication, firewalls and encryption, to name but a few. And nothing is wrong with these measures. After all, an endpoint that uses anti-virus software is better protected than one without it. But the question is: How much better?
The problem is, enterprises often do not realize that technology alone will not save them. Businesses need to know that their combined technical barriers, no matter how recent and well maintained they might be, are far from impregnable, even under perfect conditions. It doesn’t matter which hindrances network administrators place in the path of attackers: the attackers will eventually find a way to bypass them. And in some cases, a business’s whole IT security budget could be wasted on a suite of diverse defense mechanisms.
The only solution is redundancy – a defense-in-depth approach that uses a combination of firewalls, VPNs, intrusion detection systems and common-sense policies to govern employee remote access behavior. This type of framework will go a long way toward keeping possible attack vectors at bay. It can’t be said often enough, so here it is again: Security is a process, not a product.
End-to-end encryption alone won’t save you. For example, a Trojan could gain access to the local network through an infected smartphone or a USB stick and intercept the password keystrokes right as they happen. In a worst-case scenario, the cryptography might even hinder other security tools from detecting suspicious activities on the network.
No IT-based measure alone can account for human fallibility – it won’t help if one of your employees leaves a work device out in the open, where it could be stolen, or accidentally exposes a password through a phishing scheme. The level of security is always defined by the weakest link, not by the largest budget.
Want to learn more about threats to your company’s network?
In 7 Security Threats You May Have Overlooked, we cover:
– How to handle environments fraught with rogue employees, personal devices, and EOL products.
– A sound approach to security policies and their enforcement, including the importance of executive involvement.
– A new way to think about VPN solutions to simultaneously maximize security, flexibility, and ease of management.