Smart Business Communications
- By Christopher Rabii
- Jun 24, 2010
How secure is your business data network? It’s a question that can be tough to answer when new security risks seem to emerge on a daily basis. Broadband data and voice communications are the lifeblood of business, and without a network that functions optimally all the time, the productivity, profitability and even viability of businesses in many vertical sectors are at risk.
The education sector relies on broadband data connections to deliver improved learning experiences for students through digital classroom. Financial sectors trust ultra-fast, always-on data networks to conduct timely trading transactions and keep financial markets ticking and international commercial relationships healthy and productive. Government bodies increasingly use broadband to communicate with citizens and interdepartmental offices and departments through online portals and e-mail.
The healthcare sector relies on broadband data networks to empower doctors to make instant clinical decisions to improve patient treatment outcomes through interconnected, high-tech diagnostic and surgical equipment. As patients become empowered to interact directly with nursing staff through interactive patient care solutions, many facilities plan to extend treatment regimes through remote telemedicine services that offer patients online medical monitoring and reporting from home.
None of these business-critical services, which depend on broadband data connectivity, would be possible if the network delivering them is not secure.
So, what are the risks? Most IT network and crisis managers are well-versed in the threats stemming from intrusion into the network. These can be as mild as spam or as severe as a full network outage caused by an aggressive virus or the launch of a Distributed Denial of Service attack. Other risks include the hijacking of IT resources to host attacks on other networks and unauthorized access to valuable corporate information stored in the corporate network or at a data center.
It is the latter risk that is most relevant in terms of the physical network’s ability to resist intrusions. That’s because all the other risks are often the product of an outmoded IT security policy that fails to proactively deal with constantly evolving threats. Poor policies are unable to recognize weak spots in the corporate local area network, firewall or way in which users handle corporate communications.
In order for a security policy to be comprehensive and robust, the physical pipe that delivers the data -- the wide area network and not just the servers, desktops and other computing resources that sit on the LAN -- needs to be secure. In fact, examining the way data is supplied from the WAN is the first step in assessing potential threats to corporate information security.
Copper’s Inherent Flaws
If the network supplying the broadband data is a copper-based telephone line, it is inherently unsecure. Tapping phone conversations on copper pairs is relatively straight-forward because the technique is well known and the equipment widely available. The same concept applies to data communications sent over copper, where data can be intercepted, siphoned off and reconstructed to reveal the contents of files, e-mail and voice calls made over IP. Plus, if it gets wet, copper’s electrical conducting properties mean that it shorts out -- bringing any call or data transmission to an abrupt halt.
Fiber, on the other hand, is inherently more secure because data is converted into light pulses and then sent over a light wave in the fiber, automatically encoding it and making it very difficult to intercept. In many cases, businesses have the option to purchase a private wavelength for data transport that completely isolates the traffic from anyone using the fiber.
Choosing a Fiber Provider
When selecting a service provider for data services, make sure they provide connectivity using fiber, and ask them about the other connections that they have in their network that could represent weak points.
These are generally where one network interconnects with another -- called peering -- or where a network enters or leaves a central data center facility or other connection points, known as points of presence. Some service providers offer connectivity options within their own private facilities, and this ensures that the service provider assumes more responsibility for the security of the physical network and that no unauthorized parties have access to your fiber or equipment placed on the network. Bear in mind that key central public peering points could be theoretical targets for terrorist attacks; however, they are often unavoidable because they are the main network routes that many organizations use. Ensure that the service provider also offers network redundancy as a fail-safe.
Redundancy is Not Redundant
Any service provider worth its salt will offer a redundant network. This means the fiber transporting the data follows at least two separate routes to its destination in case one route fails. Such diversified routing is necessary to avoid the risks of physical interference with the fiber, such as automobile accidents or accidental severance while road work or structural improvements take place above ground. The service provider also may be able to provide data transport over four fibers, rather than the more commonplace two. This offers the highest level of security available from physical threats.
The principle of redundancy also extends to the power supply that runs the network and the equipment that transports the data over the fiber. Emergency power generators should be primed to kick in if the main supply is affected, and redundant server blades should take over if their counterparts fail.
Even if there is a network failure somewhere along the line, customers never see. A fiber network can divert to a redundant route in less than 50 milliseconds while the original route is repaired. Also, keep in mind that the staff servicing the network forms part of the redundancy plan. Many of them are able to work remotely and still control the network from alternative locations if, for example, there is a global health pandemic. In turn, this allows businesses to remain operational and profitable even during the most testing circumstances.
The human element is particularly important in an age where organizations are exploring how customer availability and closer customer relationships help personalize their experience and keep them coming back for more.
Examining the security of your physical networks is a big step toward ensuring your organization remains operational at all times and is available to customers, partners and the supply chain. With security in hand, organizations can focus on their core business -- whether it is executing profitable financial trades, helping students excel or saving lives.
About the Author
Christopher Rabii is the senior vice president of technical operations for Optimum Lightpath.