INTELLIGENT ENTERPRISE SECURITY
Visibility Develop a clear picture of the key assets you have , where they are located , who has access to them , identify the most critical assets . In the digital age , data is king so knowing which devices have access to your data is key . Note that data is not just the domain of the large enterprise , but a reality for every size and type of organisation . This assessment will lead to you the determination of what makes up your organisation .
Architecture With the proliferation of IoT , adoption of BYOD , growth in use of virtualised environments , and adoption of public and private cloud infrastructures – all require that you step back and examine how you architected your core network .
Focus on the outcomes you desire while you examine the architecture : is your network architected to maximise availability and ensure continuity even if it is under attack , have you secured your data paths to make sure you are protecting every known avenue that can be used to steal that data , does your protection extend to the physical and virtual elements in your network ?
Inventory Technology is a key element to addressing security challenges , but technology is part of the solution . People and processes play an equally important role in maintaining a robust security posture . Developing an understanding of how sensitive information is handled , who has access to sensitive information , your internal policies on how you treat sensitive data , policy enforcement mechanisms and ongoing training of personnel handling sensitive data must be part of the overall solution .
Basics Often organisations invest in the latest and greatest technology and buzz word driven solutions . Sometimes there is a perceived correlation between high-end solution and impact . But there is a difference between perception and reality . Organisations must start with the basics .
Mohammad Jamal Tabbara , Senior Systems Engineer UAE and Channel , Infoblox .
Organisations have migrated from having tightly controlled networks with endpoints , to one where the definition of an endpoint is changing .
Practices Like I said above , people and process are a critical component of addressing your security posture . Make sure you have instituted best practices around passwords , patching your systems with the latest updates and keeping up to date with your hardware and software .
Core Organisations that have adopted a defense in-depth approach have done so for several critical applications like e-mail , web traffic and endpoints . Often , they ignore the core of their network – the basic systems that allow access to applications and services on their network . In other words , core elements like DNS , DHCP and IP address management , often referred to as DDI .
Get help Too often organisations rely on internal expertise , but budget constraints and the availability of trained security experts constrain their ability to have the extensive coverage they need . Help comes in many forms , technology and external expertise .
Augmenting the team ’ s skill sets with the latest development in technology that allows automation and leverages machine learning to drive better insight into threats is key . Relying on security expertise from organisations that specialise in security is often underutilised .
Unify Make sure that all the elements of your defense in depth approach work in unison . This means that when one system sees a vulnerability that information should be shared with the other parts of the infrastructure . Whether that information is an indicator of compromise or threat intelligence , the information should be shared .
For example , if your DDI infrastructure identifies a new device on the network , that information should be shared with a Vulnerability Scanner so it can scan the device to ensure its integrity . While the information in isolation is useful a new device on the network it is becomes actionable and more impactful when it is shared with other parts of your infrastructure .
Of course , this requires that the vendors you select have an open approach and have built their products with the ability to share information with other parts of your infrastructure . •
39
INTELLIGENT ENTERPRISE SECURITY
Visibility Core
Develop a clear picture of the key assets
you have, where they are located, who has
access to them, identify the most critical
assets. In the digital age, data is king so
knowing which devices have access to
your data is key. Note that data is not
just the domain of the large enterprise,
but a reality for every size and type of
organisation. This assessment will lead to
you the determination of what makes up
your organisation. Organisations that have adopted a
defense in-depth approach have done
so for several critical applications like
e-mail, web traffic and endpoints.
Often, they ignore the core of their
network – the basic systems that allow
access to applications and services on
their network. In other words, core
elements like DNS, DHCP and IP address
management, often referred to as DDI.
Architecture Too often organisations rely on internal
expertise, but budget constraints and
the availability of trained security
experts constrain their ability to have
the extensive coverage they need. Help
comes in many forms, technology and
external expertise.
Augmenting t �R�FV��( �2�6�����6WG2�v�F��F�R���FW7B�FWfV����V�B����FV6�����w��F��@�����w2��WF���F������B��WfW&�vW2���6���P��V�&��r�F��G&�fR�&WGFW"���6�v�B���F��F�&V�G0��2��W���&Vǖ��r����6V7W&�G��W��W'F�6R�g&�Ц�&v��6�F���2�F��B�7�V6��Ɨ6R����6V7W&�G���0��gFV��V�FW'WF�Ɨ6VB�v�F��F�R��&�ƖfW&�F�����b���B���F��F����b�%��B��w&�wF�����W6R��b�f�'GV�Ɨ6V@�V�f�&���V�G2����B��F��F�����b��V&Ɩ2���@��&�f�FR�6��VB���g&�7G'V7GW&W2�( 2�����&W�V�&P�F��B���R�7FW��&�6����B�W��֖�R���r���P��&6��FV7FVB���W"�6�&R��WGv�&��f�7W2����F�R��WF6��W2���R�FW6�&P�v���R���R�W��֖�R�F�R��&6��FV7GW&S���0���W"��WGv�&���&6��FV7FVB�F������֗6P��f����&�ƗG����B�V�7W&R�6��F��V�G��WfV���`��B��2�V�FW"��GF�6�����fR���R�6V7W&VB���W �F�F����F�2�F�����R�7W&R���R��&R��&�FV7F��p�WfW'�����v���fV�VR�F��B�6���&R�W6V@�F��7FV���F��B�F�F���F�W2���W"��&�FV7F���W�FV�B�F��F�R����6�6�����B�f�'GV���V�V�V�G0������W"��WGv�&���fV�F�'��FV6�����w���2����W��V�V�V�B�F���FG&W76��p�6V7W&�G��6����V�vW2��'WB�FV6�����w���2���'@��b�F�R�6��WF������V���R���B��&�6W76W2���������W�V��ǒ�����'F��B�&��R��������F����p���&�'W7B�6V7W&�G����7GW&R��FWfV�����p����V�FW'7F��F��r��b���r�6V�6�F�fP���f�&��F�����2����F�VB��v�����2��66W72�F�6V�6�F�fR���f�&��F�������W"���FW&������Ɩ6�W0������r���R�G&V�B�6V�6�F�fR�F�F�����Ɩ7��V�f�&6V�V�B��V6���6�2���B���v���p�G&����r��b��W'6���V�����FƖ�r�6V�6�F�fP�F�F���W7B�&R���'B��b�F�R��fW&����6��WF����vWB��V����������B�������F�&&�&���6V��"�7�7FV�0�V�v��VW"�T�R���B�6����V�����f�&�����&v��6�F���0���fR�֖w&�FV@�g&�����f��p�F�v�Fǐ�6��G&���V@��WGv�&�2�v�F��V�G����G2��F���R�v�W&R�F�P�FVf��F�����`����V�G����B��0�6���v��r�&�6�72��&�7F�6W0��gFV���&v��6�F���2���fW7B����F�R���FW7B���@�w&V�FW7B�FV6�����w����B�'W���v�&B�G&�fV�6��WF���2��6��WF��W2�F�W&R��2����W&6V�fV@�6�'&V��F����&WGvVV����v��V�B�6��WF������@�����7B��'WB�F�W&R��2���F�ffW&V�6R�&WGvVV��W&6W�F������B�&V�ƗG����&v��6�F���2��W7@�7F�'B�v�F��F�R�&�6�72��Ɩ�R���6��B��&�fR���V���R���B��&�6W70��&R���7&�F�6���6�����V�B��b��FG&W76��p���W"�6V7W&�G����7GW&R�����R�7W&R���P���fR���7F�GWFVB�&W7B��&�7F�6W2��&�V�@���77v�&G2����F6���r���W"�7�7FV�2�v�F��F�P���FW7B�W�F�FW2���B��VW���r�W��F��F�FR�v�F����W"���&Gv�&R���B�6�gGv�&R�V�g�����R�7W&R�F��B�����F�R�V�V�V�G2��`���W"�FVfV�6R����FW�F�����&��6��v�&�����V�6����F��2��V��2�F��B�v�V���R�7�7FV��6VW2���gV��W&�&�ƗG��F��@���f�&��F����6��V�B�&R�6��&VB�v�F��F�P��F�W"���'G2��b�F�R���g&�7G'V7GW&R��v�WF�W �F��B���f�&��F�����2������F�6�F�"��`�6���&�֗6R��"�F�&V�B���FV�ƖvV�6R��F�P���f�&��F����6��V�B�&R�6��&VB�f�"�W�����R���b���W"�DD����g&�7G'V7GW&R��FV�F�f�W2����Wr�FWf�6R���F�R��WGv�&���F��B���f�&��F����6��V�@�&R�6��&VB�v�F����gV��W&�&�ƗG��66���W �6���B�6���66���F�R�FWf�6R�F��V�7W&R��G0���FVw&�G���v���R�F�R���f�&��F�����গ6���F�����2�W6VgV�����Wr�FWf�6R����F�P��WGv�&���B��2�&V6��W2��7F����&�R���@���&R�����7FgV��v�V���B��2�6��&VB�v�F���F�W"���'G2��b���W"���g&�7G'V7GW&R��b�6�W'6R��F��2�&W�V�&W2�F��B�F�P�fV�F�'2���R�6V�V7B���fR������V�����&��6����B���fR�'V��B�F�V�"��&�GV7G2�v�F��F�P��&�ƗG��F��6��&R���f�&��F����v�F���F�W ���'G2��b���W"���g&�7G'V7GW&R���* �3