The network is evolving on the lines of security

By: Vinayak Godse, Senior Director, DSCI & Mayank Lau, former Consultant, DSCI

The rise in number of botnets and the targeted and organized nature of attacks aimed at achieving specific objectives such as stealing data, money and denial of services is hindering organizations' daily operations. However, organizations are not able to upgrade their security infrastructure to address such challenges swiftly. The consumption of IT services is on the rise and the number of devices connected to the Internet has grown to 5 billion and will soon surpass this figure also.

According to a DSCI-Cisco study on "Re-Inventing the Network in the Context of Security", 66 % of security leaders in India encourage employees to bring their own device to work endorsing the benefits of these mobile environments. However, there are several challenges associated with this practice. A majority of the respondents feel that enabling access on user owned devices will put data traversing the trusted boundaries of an organization at risk. Moreover, as employees increasingly use public networks to access this data, there is an increasing reliance on external service providers, further adding complexities to the challenges of governing data. Mobility, on the other hand, is challenging the conventional way of enforcing policies based on IP address, network port and applic ation protocol etc, demanding greater granularity and diversity from policies and configuration capabilities.

Enterprises need to adopt next-generation technologies which have the capability to go beyond conventional approaches such as port/protocol inspection, intrusion prevention etc. Currently, many organizations are revamping their security architecture and incorporating security capabilities which enable optimization of network and application performances, enable consolidation of data centers and devices, provide service assurance, facilitate unified communication deployment and mobile device management (MDMs).

However capabilities such as cloud based security scanning, identity and context aware network, cloud based web security gateway, threat intelligence service and situational awareness are still looked upon as impending security capabilities. While there is a realization of the importance of deploying these advanced capabilities in the IT industry, lack of skills and efforts required for managing these capabilities and the resultant addition to the cost reiterates the reluctance of organizations towards their adoption.

Evolving threat landscape

Cyber threats and hackers are becoming more sophisticated these days, stealing critical/sensitive information from organizations and causing disruptions to daily operations. In our study to understand the same, 77 % leaders who responded agreed that attacks are originating from multiple channels and that the attack payload is getting increasingly advanced. In order to be at par with the dynamic threat landscape, organizations have started to perceive infrastructure security as an essential ingredient of information security initiatives which requires regular up gradation.

With the increasing adoption of next generation trends in technology such as Bring Your Own Device (BYOD) and mobility, the boundary between personal and professional usage of mobile devices is getting blurred. Several organizations are taking a selective and cautious approach towards these emerging trends. This is validated by our study finding that only 22% of security leaders in India endorse allowing full access to the network from any device used by the employee in their organizations. IT infrastructure has evolved from a limited set of devices to multiple devices and from a handful of profiles to multiple combinations of applications, devices, access and usage scenarios.

Mobile computing is pushing security capabilities to the edge with these changes. In order to keep control on the mobile devices usage, 87 % of the organizations wish to leverage policies such as strong authentication, inactivity timeout and failed login lockout. In the light of a dynamic threat landscape most organizations seem to have reservations for allowing full access to network outside their physical boundary. IT leaders in India believe that changes in IT are evolving rapidly due to which policy enforcement across organization ecosystem is becoming difficult. In the study, it emerged 86 % of the respondents wish for seamless enforcement of policies which are in tandem with the context of business, users, access requirements, information and security policies. More than 68 % security leaders also indicate that managing policies and configuration of devices is an arduous task for organizations and consumes vast amount of their business time, calling for automation and ease in implementation.

Next-gen security: benefits and challenges

The study reveals that 56 % of the respondents believe the current security capabilities are ineffective for managing security of mobile, BYOD, and virtualized environments. The security fraternity is keen on identifying critical capabilities offered by next generation security solutions, as per the needs of the industry or line of businesses (LoBs). Important elements which seem to be emerging are fine grain access capabilities, ability to dynamically encrypt data while it is being accessed / transmitted, increased application awareness for identifying application level hostilities etc.

The next generation network will be based on autonomic computing and self learning with real time feeds, which will help organizations to take appropriate measures against existing and emerging cyber threats. Self healing networks are designed to work on live feeds originating in or out of an organization's IT environment which enables them to adapt (i.e. ensuring systems or the network itself not working as Bots or source of Denial of Services attack (DoS) respectively) and react if the network behavior is anomalous. Further, policy governed network facilitate providing access to authorized users to access sensitive data by routing all traffic from point-of-sale systems in branch locations using encryption and/or restricting employee access to non-business social networking sites during business hours.

The next generation security also strongly advocates the usage of additional intelligent information to improve security decisions taken regarding the IT infrastructure, popularly known as context aware security. This results in effective handling of security incidents which provides boost to ever changing business and IT environments. At the same time controlling the number of false positives in line with these expectations would give a fillip to the new age security architecture. 85 % of respondents in the study indicated that integrating global intelligence mechanisms such as black listed addresses and vulnerabilities will be critical for implementing new age network security. IT leaders in India believe that the time has come to formulate and enforce security policies which are capable of consuming real time relevant feeds. There also exists a notion in the industry that context aware security will replace static security capabilities in near future.

The next network revolution with respect to security as predicted by technology strategists and developers is expected to bring new challenges for businesses. Most organizations foresee implementation challenges such as dealing with several independent signals while handling live feeds, security challenges including profiling of systems behavior, correlating enormous amount of data feeds and integration with existing organizational architecture. These challenges need to be addressed by effective collaboration within the organization, revamping of technical capabilities and extensive deliberations within the security fraternity. The story of network revolution in the security fraternity is evolving and it could undergo enormous changes in times to come.