Stepping Up Security in the Distributed Enterprise

Stepping Up Security in the Distributed Enterprise

For the distributed enterprise, these managed solutions offer next-level security – a necessary step above the basics.

The proliferation of cloud applications, the demand for bandwidth and connectivity, the rise of IoT and more are driving constant innovation and improvement in network technology. Unfortunately, increased reliance on the network creates more security vulnerabilities, and bad actors looking to take advantage are introducing new threats all the time. Today’s enterprises must look beyond baseline security tactics – such as a standard UTM stack of next generation firewall (NGFW), intrusion detection (IDS), intrusion prevention (IPS), antivirus and content filtering – to address relentless cyber security risks.

An examination of the evolving demand on networks illustrates the specific challenges confronting enterprises. From company email to employee training portals and mobile POS, applications that used to run through a proprietary data center or via VPN are now cloud-based. While this can improve speed and cost efficiencies (both capital and operating), increasing reliance on the cloud and web further exposes enterprises to attack.

Consider the many third-party applications of common enterprise businesses – retail loyalty programs via mobile devices, tablet ordering in restaurants and integration with services like Grubhub and Uber Eats, and concierge services in hotels, to name just a few. These and other so-called “Shadow IT” solutions installed by outside parties can be red carpets into an enterprise network for those with malicious intent.

Finally, a distributed organization with up to hundreds of different sites presents a large attack surface. And, with more brands going to a franchise model, companies have less control over what is operating on the network. For instance, the growing prevalence of IoT devices, like surveillance cameras, personal digital assistants and other technologies introduced by individual locations, creates weaknesses ripe for exploitation. Any breach within the enterprise can impact the entire brand.

As enterprises rely increasingly on their networks, they must go beyond the basics to protect corporate data as well as personally identifiable information (PII) of both customers and employees. For the distributed enterprise, with its unique security challenges, these managed solutions offer next-level security – a necessary step above the basics:

Application Control – Moving beyond traditional content filtering (for instance, ensuring “family-friendly” content), Application Control blocks or restricts unauthorized applications from executing in ways that put data at risk.

Data Leak Prevention (DLP) – DLP rapidly identifies, assesses and prevents potential leaks of highly sensitive information. End-point Protection – Configuring security profiles on end devices, like PCs or mobile POS, prevents loss of data at the point of the breach. Physical end-point protections prevent credit card skimmers and similar hardware and software threats being placed on these devices. 

Security Information Event Management (SIEM) – In the event of a security threat, managed Security Information Event Management (SIEM) provides a team of professionals to examine an alert, assess the level of threat and either consult an enterprise on a solution or act on its behalf to mitigate the problem. This type of timely incident response can isolate an infected portion of a network before damage grows widespread.

AI and Behavioral Analytics – In addition to human intelligence to analyze threats, enterprises should consider automated ways of assessing potential security breaches – artificial intelligence and behavioral analytics can predict and thwart attempts to compromise data.

Expanded Use of Encryption – Most retailers have completed the EMV chip-card transition of payment terminals (though retail petroleum, faced with the significant cost of upgrading pumps and POS, is still evolving). But EMV is just the tip of the iceberg for securing credit card data and preventing identity theft. Enterprises should invest in point-to-point encryption and upgrade as soon as possible to WPA3 standards.

Keeping enterprise networks secure is an ongoing battle best fought with forward thinking and advanced managed security. The more sophisticated the defenses, the more innovative and aggressive the attacks. Enterprises must be vigilant about their security protocols – addressing not just today’s baseline needs, but going above and beyond to fortify their networks against future threats.

Featured

  • Until We Meet Again

    A short three years ago we were all pondering whether to attend any tradeshows all thanks to COVID-19. Sorry to bring that nightmare up again, but it seems that little pandemic is in the rear-view mirror, and it’s time to meet again. Read Now

    • ISC West
  • Cyber Hygiene: What it Looks Like for IoT Devices

    Cyber Hygiene: What it Looks Like for IoT Devices

    For our second pillar about the Industrial Internet of Things (IIoT) Pillars of Security, we are going to discuss what cyber hygiene looks like for IoT devices. Read Now

  • ISC West Announces 2023 Keynote Series Speaker Lineup

    The International Security Conference (ISC), in collaboration with premier sponsor Security Industry Association (SIA), announced five of this year’s ISC West Keynote Series speakers. ISC West will kick off its annual conference on March 28 (SIA Education@ISC: March 28-30 | Exhibit Hall: March 29-31) at the Venetian Expo in Las Vegas, Nevada. Read Now

    • ISC West
  • Accelerating Security Modernization

    In recent years, the term “digital transformation” has been one of the most frequently used buzzwords across industries. On its most basic level, it refers to the reimagining of how an organization leverages its technology systems to improve business processes. Read Now

Featured Cybersecurity

New Products

  • LenelS2 BlueDiamond™ mobile app

    enelS2 has introduced its Indoor Location subscription-based service for businesses and other organizations using LenelS2’s BlueDiamond™ mobile app version 2.1.8 for smartphones. 3

  • FlexPower® Global™ Series (FPG) from LifeSafety Power

    FlexPower® Global™ Series (FPG) from LifeSafety Power

    The FlexPower® Global™ Series (FPG) from LifeSafety Power—designed to provide DC power for access control systems in international applications—is now PSE listed for Japan and compatible with the country’s 100VAC applications. 3

  • XS4 Original+

    XS4 Original+

    The SALTO XS4 Original+ design is based on the same proven housing and mechanical mechanisms of the XS4 Original. The XS4 Original+, however, is embedded with SALTO’s BLUEnet real-time functionality and SVN-Flex capability that enables SALTO stand-alone smart XS4 Original+ locks to update user credentials directly at the door. Compatible with the array of SALTO platform solutions including SALTO Space data-on-card, SALTO KS Keys as a Service cloud-based access solution, and SALTO’s JustIn Mobile technology for digital keys. The XS4 Original+ also includes RFID Mifare DESFire, Bluetooth LE and NFC technology functionality. 3