Internet Security: Protecting From Data Breaches on the Inside
Last week we discussed internet security, how to create a “digital fortress” with defense in depth. If you have all of the systems in place that we discussed you probably believe yourself secure. Although you are more secure than many, there are still chinks in the armor that can be exploited. One such potential problem arises with employees using their own devices (BYOD). For the longest time, it was believed that the only defense against a threat from a personal device was anti-virus software on all your workstations and servers. Certainly, it is important for network security to have anti-virus software, however, no A/V software is 100% secure.
Why Anti-Virus Software Does Not Always Work
The problem with A/V software arises because bad guys are constantly developing viruses and malware that exploit security holes and then the anti-virus community reacts to these attempts. This means there is always a lag time between the creation of a virus and the deployment of an update to the A/V software that protects against the new threat. During this time your network is at risk.
With BYOD we can add a second or even third level of defense. Many antivirus vendors now offer a version for Android and IOS. Therefore enforcing a BYOD policy that requires A/V software on all devices that connect to your network is becomes an additional line of defense. Furthermore, modern security appliances, like the Meraki MX series have an option that includes Stateful, layer 3-7 deep packet inspection, intrusion detection and prevention, content filtering and a host of other applications designed to keep your network secure.
Stateful Packet Inspection: Information Security from the Inside Out
Effectively, this appliance looks deep into the individual data packets and determines if there is a threat. If edge security is the equivalent to having security guards at the gate to your fortress, think of this as guards roaming throughout the fortress. These guards effectively strip search every packet they come across and make sure they aren’t bringing, leaving with, or carrying something they shouldn’t. This provides us additional defense in depth with protection on the portable device, the router and the individual permanent devices on the network.
In spite of all of this protection, no system is perfect. There are non-digital threats to your data, such as fire, flooding, and other force majeure events. In these cases, prevention is not as important as recovery. Next week we will discuss disaster recovery considerations.