People Factor Forms Essential Part Of Next Generation Security Policies

Check Point: 09 January 2012 (Technical Article)
Check Point details the human factor in planning for a successful corporate security policy for the future
Terry Greer-King, UK managing director at Check Point shows why it’s critical that organisations understand user and application activity, to create cohesive next-generation security policies

What does next generation mean? It implies we have something new and beyond what came before it. That is certainly the implication in security, with firewalls. As networks have evolved over the past decade from relatively simple to far more complex topologies, so too have firewalls. The move to Web 2.0 and mobile computing, not to mention virtualization and cloud deployments, has forced businesses to handle more network events and a greater variety of traffic. And so firewalls have moved from simple monitoring of certain ports, IP addresses or packet activity to scrutinising specific user and application activity.

However, even with this evolution, it is worth noting that firewalls have been able to identify which applications are in use for the last 17 years. When firewall vendors say ‘next generation’, they are actually referring to a basic feature of most firewalls today. Of course, there are far more applications in use in most companies now than ever before, but the principle of application identification in itself is nothing new.

What IS new is the complex way that networks are being used, and the way that users are accessing data. Networks have traditionally been defined by the addresses they use; provided users don’t move around too often or change IP address, tracking them is relatively simple. This used to mean that applying security was relatively simple too, with security policy management defining access based on the internet protocol (IP) addresses of the devices in use.

Unfortunately, this address-based model of policy management is now outdated in most organizations, because the control they exert over the devices that connect to their networks has lessened.

Growing demand for smartphones and tablet PCs has meant that people now have multiple devices and, therefore, many IP addresses. The rise in mobile computing, together with new online applications, makes it difficult for businesses to keep up with policy change requests. If the requests keep coming in based on users and their devices while organizations are still compiling policies based on static IP addresses, the business is already exposed to risks that it can’t even see.

Even more worrisome is the fact that many of these devices are being brought in from users’ homes without being validated, secured or even looked at by the IT department. Users are connecting their personal devices such as tablets, smartphones and personal laptops to networks everywhere, taking work home and bringing home to work. As organisations adopt more agile computing solutions, they are finding that security policies cannot keep pace with the changes, creating all sorts of headaches.

So how should they approach the development of security policies that reflect the way networks are being used today?  And how do they ensure those policies are enforced?   

What’s needed to help companies manage risk, protect data, audit network activity and give better control over what users are doing isn’t a ‘next generation’ product or feature:  it’s next generation policy management.  

Knowing who your users are is critical to managing policy;  knowing what IP addresses they are using, less so.  As such, defining policy based on user access AND type of device is the only logical choice, as it gives a smarter means for managing access from fast-growing consumerized estates, where the device may not always be known.

Understanding what devices employees are using for network access will also help organisations make informed decisions about their security policies. It allows them to track which devices have accessed which data, so if they need to determine where data may have been breached from, there is already a defined limit on the number of people and devices with access. Consider just how much more effective security policy could be with the addition of this parameter.

The ability to identify application activity on a firewall or gateway is nothing new. However, the ability to identify applications that are NOT defined by standards (such as web applications, social media portals and more) is a powerful addition to creating a next generation policy.

Adding the ability to detect and manage user access to those applications lets businesses strengthen application control further. By allowing users to interact with the security system, both to remind them of corporate policy on acceptable use of applications and to take feedback in real time on why the user needs access and the intended purpose of their usage, organisations can add a further layer of security reinforcement and protection.

The three points covered so far help to ensure organisations can identify which users are accessing the network, from which device or application. However, the core element of security policy is the ability to analyse the data that is being accessed, sent and manipulated to ensure users are not sharing – or leaking – sensitive information.  This requires assessing not only what applications employees can use, but what data these applications are allowed to use, and, in turn, taking steps to protect sensitive data from inappropriate or non-compliant usage.

In conclusion, the increasing adoption of consumerization, virtualization and cloud computing means that network infrastructure is no longer static:  it’s agile, dynamic and fragmented, with data flowing in unexpected and unpredictable ways.  

Next-generation security has to include the ‘human factor’ – the people using networks, the devices they use, the applications they are allowed to run, and the data those applications can access and modify – to reflect this dynamic network usage.  Only then can you create cohesive, next-generation security policies that truly protect what matters to your business.
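The contrast the article draws between IP-based rules and rules built on user, device type, application and data class can be shown with a small policy evaluator. This is an added example, not Check Point code or product behaviour; the user directory, rule table, device names and access events are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AccessEvent:
    user: str
    ip: str
    device: str      # device type reported by the endpoint (constructed labels)
    app: str         # application identified at the gateway
    data_class: str  # classification of the data being touched

# Constructed sample directory: which group each user belongs to
USER_GROUPS = {"alice": "sales", "bob": "sales", "guest": "visitor"}

# Legacy model: the policy only knows IP addresses (alice's desk PC)
IP_ALLOW = {"10.0.1.20"}

def ip_policy(ev: AccessEvent) -> bool:
    return ev.ip in IP_ALLOW

# Next-generation model: each rule names the user group, device types,
# applications and data classes it permits; "*" matches anything; default deny
RULES = [
    {"group": {"sales"}, "device": {"managed-laptop"}, "app": {"crm"},
     "data": {"public", "internal", "confidential"}},
    {"group": {"sales"}, "device": {"byod-tablet", "byod-phone"}, "app": {"crm"},
     "data": {"public", "internal"}},
    {"group": {"sales", "visitor"}, "device": "*", "app": {"social"}, "data": {"public"}},
]

def _match(allowed, value) -> bool:
    return allowed == "*" or value in allowed

def user_device_policy(ev: AccessEvent) -> bool:
    group = USER_GROUPS.get(ev.user, "unknown")   # unknown users match no rule
    return any(_match(r["group"], group) and _match(r["device"], ev.device)
               and _match(r["app"], ev.app) and _match(r["data"], ev.data_class)
               for r in RULES)

def confidential_access_audit(events, policy):
    """Return the (user, device) pairs the given policy let reach confidential data."""
    return {(e.user, e.device) for e in events
            if e.data_class == "confidential" and policy(e)}

# Constructed events: alice's desk PC, alice's own tablet, and a visitor on alice's desk port
EVENTS = [
    AccessEvent("alice", "10.0.1.20", "managed-laptop", "crm", "confidential"),
    AccessEvent("alice", "10.0.7.45", "byod-tablet", "crm", "internal"),
    AccessEvent("alice", "10.0.7.45", "byod-tablet", "crm", "confidential"),
    AccessEvent("guest", "10.0.1.20", "unknown", "file-share", "confidential"),
]

if __name__ == "__main__":
    for ev in EVENTS:
        print(f"{ev.user:6} {ev.ip:10} {ev.device:15} ip={ip_policy(ev)!s:5} next-gen={user_device_policy(ev)}")
```

The IP policy denies alice's legitimate tablet access and waves through a visitor plugged into her desk port; the user-and-device rules reverse both outcomes, and the audit helper yields the bounded list of devices that touched confidential data.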