3 New Year's Resolutions for Network Administrators
Although it's been a historically troubling year for the cybersecurity community, the advantage of a new year is that network administrators can make a fresh start.
The end-of-year Sony hack has brought even more mainstream attention to network security – not to say that a full year of prominent attacks didn't – and this increased awareness should lead to healthier IT security budgets and more resources to prevent the next attack.
When network administrators get back to work in 2015, here are three New Year's resolutions they should focus on:
1. Take Back Control with Remote Access Central Management
As IT administrators know all too well, employees often perceive a see-saw effect between their productivity and the degree of restrictions placed on the technology they use day-to-day. The fewer restrictions, the easier their jobs become, and vice versa. So, how can IT departments find middle ground? The answer is to selectively limit the ability of employees to access and share certain information.
Unfortunately, as a report by the Ponemon Institute found, 80 percent of IT administrators say their companies do not enforce a "need-to-know" data policy. This is despite the fact that, as the report said, "An organization that reduces the amount of data employees have access to ... and streamlines their processes for granting access will likely benefit from more productive employees." The New Year's lesson here for network administrators is to take back some power from employees.
Just as some of the most common New Year's resolutions focus on regaining control of some aspect of your life, whether that's financial (reducing debt), social (planning a vacation), or physical (exercising more often), network administrators need to be sure they have 100 percent control over their network, at all times, even as the number of remote users and network-enabled endpoints increases.
Remote access central management capabilities allow IT departments to take action when the network has been breached, and subsequently, allows them to de-provision users in order to quarantine the threat. By controlling VPNs from a single point of administration, a network administrator will retain full visibility across the network, even as the organization grows.
2. Face BYOD Head On
Last month, during a discussion hosted by an IT advisory service about the Bring-Your-Own-Device (BYOD) trend, one panelist shared a story that should make data security advocates very uncomfortable. He explained that his wife, a nurse, uses text messaging to communicate with her coworkers while on the job, "because that's the most efficient way to do their job."
Now, on one hand, these nurses could be inadvertently running afoul of HIPAA regulations and thrusting the hospital into the murky waters of patient privacy violations. On the other, would they be able to do their jobs as effectively without the ability to communicate via text, in real-time?
Since the days of car phones and beepers, savvy network administrators have known that employees would one day bring their personal mobile devices into the workplace, and then insist on using them as part of their jobs. That's where we find ourselves today, and that's why organizations face the decision to roll out Bring-Your-Own-Device (BYOD) policies.
Of course, by doing so, some administrators feel they could be exposing themselves to additional vulnerabilities, since more endpoints will be brought into the network. However, by now, we're really past the point of no return with personal devices in the workforce – it's best to just assume employees are going to bring them into the office.
Sometimes, New Year's resolutions are about confronting the challenges that are right in front of you. People who smoke or eat unhealthy foods often know that what they're doing is bad for them, yet they continue anyway. In the world of network security, BYOD isn't any different. Personal mobile devices are already here, and it's time for IT departments to adopt BYOD policies and educate employees about best practices.
3. Make Time for Defense-in-Depth
Part of the reason many New Year's resolutions fail is that they're huge, life-altering adjustments. That's why the changing of the calendar is such a necessary motivator for many people – they need to feel as though they're starting with a clean slate before they can address whatever monumental task is at hand.
One of the more daunting tasks some network administrators will face in 2015 is overhauling their entire network security infrastructure. This is no small task. It's about taking all the disparate security elements network administrators may already have in place, syncing them with one another, and then combining them with missing pieces, to create one, comprehensive infrastructure. This is the beginning of what is called a "defense-in-depth" approach.
With this strategy in place, when things don't go as planned – such as when an employee falls victim to a phishing scheme – there will be other technologies in place to limit whatever threats may now lie on the horizon. An overlapping system of firewalls, VPNs and other network security tools work in tandem to shield the network from harm.
New Year, New Approach
Even by following these resolutions, network administrators can't guarantee impenetrably of their networks. But, at least with more awareness and a new approach, network administrators can move on from 2014 – the year of "Nobody's Safe" – to 2015 – the year of "Everyone's Protected."
Want to learn more about secure remote access?
7 Requirements for Pain-Free VPN Client Support</em>, we cover:
- How to deploy a VPN solutions that reduces the pain associated with supporting clients.
- How to mitigate the costs and headaches that result from more users and devices.
- Best practices to make sure your VPN is never too complex to operate securely and efficiently.