Stepping Up Security in the Distributed Enterprise -- Security Today

Stepping Up Security in the Distributed Enterprise

For the distributed enterprise, these managed solutions offer next-level security – a necessary step above the basics.

By Dan Rasmussen
Oct 29, 2018

The proliferation of cloud applications, the demand for bandwidth and connectivity, the rise of IoT and more are driving constant innovation and improvement in network technology. Unfortunately, increased reliance on the network creates more security vulnerabilities, and bad actors looking to take advantage are introducing new threats all the time. Today’s enterprises must look beyond baseline security tactics – such as a standard UTM stack of next generation firewall (NGFW), intrusion detection (IDS), intrusion prevention (IPS), antivirus and content filtering – to address relentless cyber security risks.

An examination of the evolving demand on networks illustrates the specific challenges confronting enterprises. From company email to employee training portals and mobile POS, applications that used to run through a proprietary data center or via VPN are now cloud-based. While this can improve speed and cost efficiencies (both capital and operating), increasing reliance on the cloud and web further exposes enterprises to attack.

Consider the many third-party applications of common enterprise businesses – retail loyalty programs via mobile devices, tablet ordering in restaurants and integration with services like Grubhub and Uber Eats, and concierge services in hotels, to name just a few. These and other so-called “Shadow IT” solutions installed by outside parties can be red carpets into an enterprise network for those with malicious intent.

Finally, a distributed organization with up to hundreds of different sites presents a large attack surface. And, with more brands going to a franchise model, companies have less control over what is operating on the network. For instance, the growing prevalence of IoT devices, like surveillance cameras, personal digital assistants and other technologies introduced by individual locations, creates weaknesses ripe for exploitation. Any breach within the enterprise can impact the entire brand.

As enterprises rely increasingly on their networks, they must go beyond the basics to protect corporate data as well as personally identifiable information (PII) of both customers and employees. For the distributed enterprise, with its unique security challenges, these managed solutions offer next-level security – a necessary step above the basics:

Application Control – Moving beyond traditional content filtering (for instance, ensuring “family-friendly” content), Application Control blocks or restricts unauthorized applications from executing in ways that put data at risk.

Data Leak Prevention (DLP) – DLP rapidly identifies, assesses and prevents potential leaks of highly sensitive information. End-point Protection – Configuring security profiles on end devices, like PCs or mobile POS, prevents loss of data at the point of the breach. Physical end-point protections prevent credit card skimmers and similar hardware and software threats being placed on these devices.

Security Information Event Management (SIEM) – In the event of a security threat, managed Security Information Event Management (SIEM) provides a team of professionals to examine an alert, assess the level of threat and either consult an enterprise on a solution or act on its behalf to mitigate the problem. This type of timely incident response can isolate an infected portion of a network before damage grows widespread.

AI and Behavioral Analytics – In addition to human intelligence to analyze threats, enterprises should consider automated ways of assessing potential security breaches – artificial intelligence and behavioral analytics can predict and thwart attempts to compromise data.

Expanded Use of Encryption – Most retailers have completed the EMV chip-card transition of payment terminals (though retail petroleum, faced with the significant cost of upgrading pumps and POS, is still evolving). But EMV is just the tip of the iceberg for securing credit card data and preventing identity theft. Enterprises should invest in point-to-point encryption and upgrade as soon as possible to WPA3 standards.

Keeping enterprise networks secure is an ongoing battle best fought with forward thinking and advanced managed security. The more sophisticated the defenses, the more innovative and aggressive the attacks. Enterprises must be vigilant about their security protocols – addressing not just today’s baseline needs, but going above and beyond to fortify their networks against future threats.

Featured

Perimeter Security Standards for Multi-Site Businesses

When you run or own a business that has multiple locations, it is important to set clear perimeter security standards. By doing this, it allows you to assess and mitigate any potential threats or risks at each site or location efficiently and effectively. Read Now
Getting in Someone’s Face

There was a time, not so long ago, when the tradeshow industry must have thought COVID-19 might wipe out face-to-face meetings. It sure seemed that way about three years ago. Read Now
- Industry Events
- ISC West
Live From ISC West 2024: Post-Show Recap

ISC West 2024 is complete. And from start to finish, the entire conference was a huge success with almost 30,000 people in attendance. Read Now
- Industry Events
- ISC West
ISC West 2024 is a Rousing Success

The 2024 ISC West security tradeshow marked a pivotal moment in the industry, showcasing cutting-edge technology and innovative solutions to address evolving security challenges. Exhibitors left the event with a profound sense of satisfaction, as they witnessed a high level of engagement from attendees and forged valuable connections with potential clients and partners. Read Now
- Industry Events
- ISC West

Webinars

Hanwha Vision (formerly Hanwha Techwin), Salient Systems, Eagle Eye Networks Inc, Evolv Technology, Arcules, ZeroEyes

Shooter Detection: The First Line of Defense
Hanwha Vision (formerly Hanwha Techwin), Salient Systems, Arcules

Embracing AI-driven Access Control
HID Global

Unlock the Potential: Why Make the Shift to Mobile Credentials

Whitepapers

Genetec

How to Modernize Your Existing Security Systems Using Hybrid-Cloud
Eagle Eye Networks Inc

Are you ready for an on-site emergency? A practical checklist
Winsted Corporation

Top Considerations Designing an Ergonomic Control Room

New Products

Compact IP Video Intercom

Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3
EasyGate SPT SPD

Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3
FEP GameChanger

Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3

Stepping Up Security in the Distributed Enterprise

ISC West 2024 Welcomed More Than 29,000 Attendees

Resideo to Acquire Snap One to Expand Presence in Smart Living Products and Distribution

Allegion US Features Interoperability, Mobile Credentials and More at ISC West

Altronix Showcases Products to Protect Critical Infrastructure at ISC West

Axis Communications Launches Axis Cloud Connect at ISC West 2024

Genetec Security Center SaaS Supports Direct-to-Cloud Workflows With Axis, Bosch, Hanwha, and i-PRO Devices

ASSA ABLOY Introduces Centrios, a New Access Control Brand for Small Businesses