Customer Infrastructure Trends that Can Make or Break Security
… it’s done correctly and augmented with the necessary tools. Otherwise, encryption can hinder security because organizations far too often believe that encrypted traffic is already secure, and as a result do not inspect it before allowing it to enter the network.
Cybercriminals are aware of this tendency, and have taken to using SSL and TLS encryption to disguise malicious code as well as to hide data being exfiltrated from the network. This is why inspection of encrypted traffic is so necessary. However, many customers face challenges with this as older security tools are unable to keep pace with detecting modern malware, especially when the variants are heavily encrypted.
Even for those customers that understand how critical it is to inspect their encrypted traffic, performance limitations of legacy security solutions make SSL inspection a burdensome bottleneck that many organizations simply opt to avoid. As a result, encryption, ironically, can actually reduce security effectiveness.
Cloud adoption can also bring risks if not properly secured. While the cloud isn’t inherently insecure, its security requires a different approach than what’s needed for on-premises storage.
Visibility into data movement and device use is severely reduced in the cloud. This is compounded as your customers deploy multicloud environments, thereby increasing network complexity and expanding the horizon that needs to be monitored. Without an integrated and centralized approach to security, the complexity resulting from increased instances of SaaS and IaaS can hinder the ability to detect anomalous behavior. Deep cross-platform and cross-solution integration is especially necessary to ensure consistency across SaaS applications that are built over various infrastructures, or transactions and workflows that span multiple network ecosystems.
Additionally, many customers incorrectly assume that the responsibility for security falls to the cloud service provider. This isn’t always the case. Often, providers use a shared responsibility model, meaning they will secure the cloud itself, while your customers must secure their data and workflows used and stored within the cloud. With this in mind, as your customers move to the cloud they must transition their security controls to these new environments to ensure consistent visibility, scalability, and enforcement.
How Partners Can Help Customers Secure This Infrastructure
As customers increase their reliance on IaaS, SaaS and encryption, partners need a deep understanding of their networks to determine where vulnerabilities exist and where updates to controls and strategies are necessary – especially for SMB clients. To assist customers in avoiding common pitfalls, partners should keep the following ideas in mind as they evaluate networks.
First, when adopting encryption, partners must ensure their customers test their firewalls, segmentation and authentication infrastructure to understand how their performance and throughput will be impacted. Customers must then replace isolated legacy point solutions with next-generation firewalls (NGFWs) that are also able to inspect encrypted traffic without sacrificing critical performance levels.
Next, to protect SaaS and IaaS instances, your customers require …