An organisation’s network is one of its most valuable assets, says Ashraf Sheet, Regional Director, Middle East and Africa at Infoblox. He talks us through seven myths about network management and security in the modern digital world.
In today’s digitally driven, 24/7 world, how well you thrive as a business depends, more than ever, on your network. It’s the central nervous system that drives business innovation, customer satisfaction and market expansion.
It’s no overstatement to say that your network is one of your most valuable business assets. But how well do you understand the challenges it’s up against in an ever-shifting landscape of rising customer expectations, massive device proliferation, increased virtualisation, cloud adoption, the Internet of Things and evolving threats? It’s time to get real.
Myth 1: Data centre management tools optimise application deployment speeds.
Reality: You can fully optimise application deployment speeds in the data centre only by automating core network services.
If you believe your current data centre management tools can serve up apps as fast as your business requires, you may be guilty of wishful thinking. Truth is, most data centres are built on legacy technology, which can leave you at a serious disadvantage when it comes to providing your business with the digital agility it needs to compete in today’s hyper-connected world.
Conventional management tools were designed to support more static assets, not to roll out enterprise apps on demand or provision hundreds and thousands of virtual machines in the blink of an eye. These days, to optimise data centre performance, you must first automate the core network services that make connectivity possible across virtual, physical and cloud environments. These services include DNS, DHCP and IP address management (IPAM), otherwise known as DDI.
Myth 2: Your current policies and procedures can eliminate shadow IT
Reality: Shadow IT is here to stay, but with automation and actionable insight you can bring it into the light.
Shadow IT, the use of technology solutions without the knowledge or support of IT, is on the rise. It has become pervasive for the simple reason that business users need new tools and solutions faster than IT can provide them. The consumerisation of IT is in full swing. Powerful cloud-powered business apps are coming online every day. It’s folly to assume you can put the genie back in the bottle by simply ramping up your enforcement efforts using your existing procedures and network management tools.
The reality is, when business users reach for the latest cloud app without approval, they’re not out to sabotage your security or compliance. They just want to do their jobs as quickly and effectively as possible. Rather than fight shadow IT, your enterprise would be wise to find ways to identify its presence and then embrace it, safely and efficiently.
Myth 3: Manual processes are an unavoidable part of collecting data for compliance.
Reality: Your network can help you meet your compliance obligations – automatically
For most companies, gathering data for compliance is an unending burden that entails endless cycles of manual effort. Given the disjointed toolsets that most IT departments rely on to perform compliance tasks, manual effort just comes with the territory.
Unfortunately, manual compliance processes carry steep costs and not just in terms of staff time. They introduce errors and consume vital resources. They make it difficult to manage in-scope data and stay ahead of regulatory change. They also complicate the task of rooting out instances of non-compliance quickly and determining corrective action, leaving your organisation vulnerable to security threats and regulatory violations.
There are network platforms that automate data gathering and policy enforcement so that organisations can take command of its compliance efforts while freeing staff to focus on core business objectives.
Myth 4: Of the many security issues your network faces, DNS is important, but not a top priority.
Reality: DNS is the #1 attack pathway into your network
More than 90% of malware uses DNS to communicate with command and control (C&C) servers, steal data or redirect traffic to malicious sites. DNS is a top attack pathway for several reasons. First, it plays a unique role in connectivity. Every device, every virtual machine relies on DNS to connect to your network.
In addition, the open nature of the protocol makes it a ripe target. Lastly, and most importantly, conventional network security measures such as firewalls and intrusion protection systems do not understand DNS. As a consequence, cybercriminals exploit DNS specifically to infect devices, propagate malware and exfiltrate data because they know it’s vulnerable. And their DNS-based tactics are evolving at breakneck speed.
Myth 5: Organisations should hold off on IoT initiatives until security improves
Reality: You can safely deploy IoT in many scenarios by shoring up DNS defences
A chief pathway for attacks against IoT devices is, you guessed it, DNS. IoT increases DNS-based attack surfaces by orders of magnitude. For example, as more and more data is exchanged through smart grids, the more damage security breaches can cause. The prospect of hackers gaining entry to connected systems prevents many companies from launching game changing IoT deployments in the near term. By securing DNS, however, companies can move forward with many IoT scenarios right now.
Myth 6: Security teams have enough information to prioritise security issues effectively
Reality: Security teams are so inundated with information that they don’t know which threats to act on first and why
Even the best-equipped security teams struggle to identify genuine threats in the gushing torrent of threat data coursing through their systems. Without knowing which threats are most urgent and can cause the most damage, security personnel waste valuable time and resources chasing down the wrong issues. In addition, most IT departments rely on a collection of point solutions and management tools for security. These systems are poorly integrated and can’t provide visibility into distributed network assets. They also often involve a high degree of manual processing, which further slows threat identification and remediation.
Myth 7: Organisations can automatically track the activation and compliance of new devices
Reality: Organisations lack a comprehensive view of newly activated devices
It’s tempting to believe that conventional network management systems can keep you informed when new devices join your network. After all, that information is vital to effective network management. Regrettably, getting that information is increasingly challenging for most organisations. The reason why is the same as with many other aspects of network administration – disparate tools and disjointed data siloes hinder the ability to track new devices and ensure their compliance.
The task is becoming even more daunting as the number of connected devices continues to soar, a trend that will escalate manyfold as the Internet of Things ramps into high gear. The bottom line is that organisations have no efficient way of knowing when new devices are added and if they meet the latest standards.
When you lack a comprehensive view and contextual information about devices, your network remains vulnerable to security risks, unplanned outages, traffic spikes and slow performance.