How to get the most out of network security
17 Oct 2005
The IT industry's role in India's global recognition as a rising economic power proves that IT can serve as an engine of growth, writes B Ashok, senior VP, IT Services, Cisco Systems India Pvt Ltd. However, he warns that information security issues could trip up this growth, outlines the key security challenges faced by organisations today and explores how network security can help overcome them.
IDC estimates that the Indian IT industry is set to grow to $55 billion by the end of 2008, largely due to the rise in technology and business process outsourcing. While there are several enabling factors, certain issues like information security could debilitate this growth.
Networks are critical to business performance especially in the IT and BPO sector with organisations depending on these networks for communication, transactions and data sharing. The overriding concern of CIOs today is to ensure their networks are constantly safeguarded against various attacks. As a result, information security is increasingly playing a strategic role in today's business.
Organisations outsourcing to India look for service providers with strong security practices and robust, secure yet open networks. Ensuring remote accessibility in a world that's adopting wireless technology can only translate into one thing - network security today has to address the ever-expanding definition of the network and all related security requirements.
Enterprises face daunting challenges when it comes to security - worms and viruses, spam, internal theft, hacking and employees with malicious intent are just some of the security challenges organisations face today. In addition, IT and BPO service providers have to address the following issues:
Compliance to regulations
The Sarbanes-Oxley Act, Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act Privacy Rule (HIPAA), Data Protection Act and other sweeping regulatory changes pose unique challenges to the way data is handled by IT and BPO service providers.
Privacy
Enterprises are constantly handling data and information of their clients' customers. Care should be taken that the information is used only for purposes authorised by the owner or supplier and is not shared with unauthorised personnel.
Data Protection
While the concern for data protection always existed, the outsourcing phenomenon has only increased the concern for protection of sensitive information. While stringent data protection laws exist in the EU and the US, most clients are keen that their service providers have equally stringent policies to prevent data misuse.
While addressing security concerns, organisations need to consider various factors like:
- Integrity: gathering and maintaining accurate information and avoiding malicious modification
- Availability: providing access to the information when and where desired
- Confidentiality: avoiding disclosure to unauthorised or unwanted persons
Securing your network
Given the severity and potential threat of these security challenges, it is imperative that an organisation employs an integrated security strategy, where the network is equipped to defend itself. In other words, every device in the network, from desktops through the LAN and across the WAN, plays a part in securing the networked environment through a globally distributed defence.
With integrated security, enterprises can enable networks to identify threats, react appropriately to the severity level, isolate infected servers and desktops and reconfigure the network resources in response to an attack.
Some key elements of this strategy:
Secure connectivity:
A vast majority of companies use the flexibility and cost-effectiveness of the internet to extend their networks to branch offices, telecommuters, customers and partners. Ensuring the privacy and integrity of all information is paramount. Not only must organisations protect external communications, they must also help ensure that the information transported across an internal wired and wireless infrastructure remains confidential. Similarly, companies must secure voice and video as they use their existing network infrastructure to provide new business-enhancing services.
The dilemma many businesses now face is how to protect the privacy and integrity of all information while cost-effectively creating a manageable communications infrastructure that will improve productivity, enable new business applications, and enhance business efficiency. Additionally, many companies are mandated by governmental or industry regulations to ensure the privacy of information.
Key among the technologies that enable secure connectivity are Virtual Private Networks (VPNs). VPNs establish secure, end-to-end private network connections over a public networking infrastructure. In addition to reducing communications expenses, VPNs allow mobile workers, telecommuters, partners and day extenders to take advantage of broadband connectivity. VPNs have become the logical solution for remote access or site-to-site connectivity.
Threat defense systems:
Network security must protect a business from threats, both known and unknown, such as access breaches, "Day Zero" worm attacks and viruses, and internal threats, which cause the most damage.
Moving forward, network security must shift from being perceived as a cost center toward actually saving your organisation money through productivity increases, business resiliency and business operations stability. With these two heavy requirements of providing higher protection as well as increased profitability, a system-level approach toward defense-in-depth is required.
Simply put, enterprises need to have a collaboration of security solutions and intelligent networking technologies that identify and mitigate both known and unknown threats from inside and outside your organisation. This unique systems approach protects your business productivity gains through flexible, customisable deployment of security and network services, providing comprehensive coverage throughout the network, from the network data center, to the branch offices and down to the end points.
Endpoint security solutions that protect desktops and servers, 'distributed denial of service' (DDoS) attack detection and mitigation, integrated firewall solutions, network intrusion protection systems that identify, analyse and stop malevolent traffic, content security solutions, and monitoring solutions that provision and monitor security services and network activity are some of the technologies that form this elaborate yet key aspect of integrated security.
Trust and identity management:
Businesses need to effectively and securely manage who and what can access the network, as well as when, where, and how that access can occur. Deploying a complete 'identity management' solution lets enterprises secure network access and admission at any point in the network, while isolating and controlling infected or unpatched devices that attempt to access the network.
Organisations can also streamline the security management of remote network devices while taking full advantage of existing security and network investments. Identity management solutions basically:
- Authenticate entities and determine access privileges based on policy
- Authorise and control network access and push access policy enforcement to network devices via VLANs, access control lists (ACLs), etc.
- Track the who, what, when, where and how of network activity
Comprehensive and robust identity management solutions and services guarantee the identity and integrity of every entity on the network and apply appropriate access policy; deliver visibility into network activity; secure the centralised management of remote devices; and provide Authentication, Authorisation, and Accounting (AAA) functionality across all network devices.
In addition, these solutions expand network security to prevent unauthorised network access from rogue wireless access points. They automatically identify users requesting network access and route them to a VLAN domain with an appropriate degree of access privilege based on policy (for example, guests versus employees).
Lastly, these solutions allow network access only to trusted endpoint devices that can verify their compliance to network security policies, such as having a current anti-virus image, OS version, or patch update. Thus, they permit, deny or restrict network access to any device as well as quarantine and remedy non-compliant devices. While some of these concepts have already been implemented, security and networking vendors are working together to realise the full benefits of integrated security.
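The admission decision described above (authenticate, check endpoint compliance, place the device in a VLAN by policy, and account for the decision) can be expressed as follows. This is an added Python example, not code from the article or from any vendor product; the VLAN numbers, posture thresholds and field names are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

# Hypothetical VLAN plan and posture thresholds (assumptions, not from the article).
VLAN_BY_ROLE = {"employee": 10, "guest": 20}
QUARANTINE_VLAN = 99
MAX_AV_AGE_DAYS = 7
MIN_OS_VERSION = (5, 1)

AUDIT_LOG = []  # accounting: who, what, when, where, how

@dataclass
class Endpoint:
    user: str
    authenticated: bool          # result of the authentication step
    role: str                    # policy group: "employee" or "guest"
    av_age_days: Optional[int]   # age of anti-virus image; None = none reported
    os_version: tuple
    patches_current: bool

def posture_failures(ep):
    """List every policy check the endpoint fails."""
    failures = []
    if ep.av_age_days is None or ep.av_age_days > MAX_AV_AGE_DAYS:
        failures.append("anti-virus image out of date")
    if ep.os_version < MIN_OS_VERSION:
        failures.append("OS version below minimum")
    if not ep.patches_current:
        failures.append("patch update missing")
    return failures

def admit(ep, port):
    """Return (action, vlan, reasons) and record the decision."""
    if not ep.authenticated or ep.role not in VLAN_BY_ROLE:
        decision = ("deny", None, ["authentication failed or unknown role"])
    else:
        failures = posture_failures(ep)
        if failures:
            # Non-compliant devices are isolated for remediation, whatever the role.
            decision = ("quarantine", QUARANTINE_VLAN, failures)
        elif ep.role == "guest":
            decision = ("restrict", VLAN_BY_ROLE["guest"], [])
        else:
            decision = ("permit", VLAN_BY_ROLE[ep.role], [])
    AUDIT_LOG.append({"who": ep.user, "where": port, "what": decision[0],
                      "vlan": decision[1], "why": decision[2],
                      "when": datetime.now(timezone.utc).isoformat()})
    return decision
```

The returned reasons list is what a remediation portal would show the user of a quarantined device, and each `AUDIT_LOG` entry is the accounting record for that access attempt.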
*The author is senior vice president, Cisco Systems India & SAARC