B. Ashok, senior vice president - IT Services, Cisco Systems India, outlines the key security challenges faced by organisations today and explores how network security can help overcome them.
Information technology is an engine for economic growth and the Indian IT industry's role in the emergence of India as a rising economic power stands testimony to this fact. IDC estimates that the Indian IT industry is all set to grow to $55 billion by the end of 2008, fuelled by the rise in technology and business process outsourcing. While there are several enabling factors, certain issues like information security could debilitate this growth.
Networks are critical to business performance especially in the IT and BPO sector, with organisations depending on these networks for communication, transactions and data sharing. The overriding concern of CIOs today is to ensure their networks are constantly safeguarded against attacks. As a result, information security is increasingly playing a strategic role in today's business.
Organisations outsourcing to India look for service providers with strong security practices and robust, secure yet open networks. Ensuring remote accessibility in a world that's adopting wireless technology can only translate into one thing - network security today has to address the ever-expanding definition of the network and all related security requirements.
Enterprises face daunting challenges when it comes to security. Worms and viruses, spam, internal theft, hacking and employees with malicious intent are just some of the security challenges organisations face today. In addition, IT and BPO service providers have to address the following issues:
Compliance with regulations
The Sarbanes-Oxley Act, Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act Privacy Rule (HIPAA), Data Protection Act and other sweeping regulatory changes pose unique challenges to the way data is handled by IT and BPO service providers.
Enterprises are constantly handling the data and information of their clients' customers. Care should be taken to ensure that the information is used only for purposes authorised by the owner or supplier and is not shared with unauthorised personnel.
The concern for data protection has always existed, but the outsourcing phenomenon has increased the concern for protection of sensitive information. While stringent data protection laws exist in the EU and USA, most clients are keen that their service providers have similarly stringent policies to prevent the misuse of data.
While addressing security concerns, organisations need to consider factors like:
- Integrity: gathering and maintaining accurate information and avoiding malicious modification
- Availability: providing access to the information when and where desired
- Confidentiality: avoiding disclosure to unauthorised or unwanted persons
Securing your network
Given the severity and potential threat of these security challenges, it is imperative that an organisation employs an integrated security strategy, where the network is equipped to defend itself. In other words, every device in the network - desktops through the LAN and across the WAN - plays a part in securing the networked environment through a globally distributed defense.
With integrated security, enterprises can enable networks to identify threats, react appropriately to the severity level, isolate infected servers and desktops and reconfigure the network resources in response to an attack. Some of the key elements of this strategy are:
Secure connectivity
A vast majority of companies use the flexibility and cost effectiveness of the Internet to extend their networks to branch offices, telecommuters, customers and partners. Ensuring the privacy and integrity of all information is paramount. Not only must organisations protect external communications, they must also help ensure that the information transported across an internal wired and wireless infrastructure remains confidential. Similarly, companies must secure voice and video as they use their existing network infrastructure to provide new business-enhancing services.
The dilemma many businesses now face is how to protect the privacy and integrity of all information while cost-effectively creating a manageable communications infrastructure that will improve productivity, enable new business applications and enhance business efficiency. Additionally, many companies are mandated by governmental or industry regulations to ensure the privacy of information.
Key among the technologies that enable secure connectivity are Virtual Private Networks (VPNs). These establish secure, end-to-end private network connections over a public networking infrastructure. In addition to reducing communications expenses, VPNs allow mobile workers, telecommuters, partners and day extenders to take advantage of broadband connectivity. VPNs have become the logical solution for remote access or site-to-site connectivity.
Threat defense systems
Network security must protect a business from threats, both known and unknown, such as access breaches, "Day Zero" worm attacks and viruses, and internal threats, which cause the most damage.
Moving forward, network security must shift from being perceived as a cost centre towards actually saving your organisation money through productivity increases, business resiliency and business operations stability. With the two heavy requirements of providing higher protection and increased profitability, a systems-level approach toward defense-in-depth is required.
Simply put, enterprises need to have a collaboration of security solutions and intelligent networking technologies that identify and mitigate both known and unknown threats from inside and outside the organisation. This unique systems approach protects your business productivity gains through flexible, customisable deployment of security and network services, providing comprehensive coverage throughout the network, from the network data centre to branch offices and down to the end points.
The technologies that form this elaborate yet key aspect of integrated security include: endpoint security solutions that protect desktops and servers; Distributed Denial of Service (DDoS) attack detection and mitigation; integrated firewall solutions; network intrusion protection systems that identify, analyse and stop malevolent traffic; content security solutions; and monitoring solutions that provision and monitor security services and network activity.
Trust and identity management
Businesses need to effectively and securely manage who and what can access the network, as well as when, where and how that access can occur. Deploying a complete identity management solution lets enterprises secure network access and admission at any point in the network, while isolating and controlling infected or unpatched devices that attempt to access the network.
Organisations can also streamline the security management of remote network devices while taking full advantage of existing security and network investments. Identity management solutions basically:
- Authenticate entities and determine access privileges based on policy
- Authorise and control network access, and push access policy enforcement to network devices via VLANs, access control lists (ACLs), etc.
- Track the who, what, when, where and how of network activity
Comprehensive and robust identity management solutions and services guarantee the identity and integrity of every entity on the network and apply appropriate access policy; deliver visibility into network activity; secure the centralised management of remote devices; and provide authentication, authorisation and accounting (AAA) functionality across all network devices.
In addition, these solutions expand network security by preventing unauthorised network access from rogue wireless access points. They automatically identify users requesting network access and route them to a VLAN domain with an appropriate degree of access privilege based on policy (for example, guests versus employees).
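The three identity management functions listed above (authenticate, authorise onto a VLAN and ACL, track activity), combined with the isolation of infected or unpatched devices, can be expressed as one admission decision. This is an added example, not code from the article or from any vendor product; the user directory, VLAN numbers, ACL names and posture fields are constructed assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass

def _digest(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed directory (assumption): user -> (role, salt, password digest).
USERS = {
    "asha": ("employee", b"salt-a", _digest("demo-pass-1", b"salt-a")),
    "visitor7": ("guest", b"salt-v", _digest("demo-pass-2", b"salt-v")),
}
# Constructed policy (assumption): role -> (VLAN id, ACL name).
ROLE_POLICY = {"employee": (10, "corp-full"), "guest": (90, "internet-only")}
QUARANTINE = (999, "remediation-only")  # isolated segment for unhealthy devices

@dataclass
class AccessRequest:
    user: str
    password: str
    mac: str          # what is connecting
    switch_port: str  # where it is connecting
    patched: bool     # posture as reported by a hypothetical endpoint agent
    infected: bool

accounting_log = []  # one record per decision: who, what, when, where, how

def admit(req: AccessRequest, when: str) -> dict:
    """Authenticate, authorise and account for one network access request."""
    # Unknown users get a dummy entry so the digest is still computed.
    role, salt, stored = USERS.get(req.user, (None, b"no-such-user", b""))
    authenticated = hmac.compare_digest(stored, _digest(req.password, salt))
    if not authenticated:
        action, (vlan, acl) = "deny", (None, None)
    elif req.infected or not req.patched:
        action, (vlan, acl) = "quarantine", QUARANTINE
    else:
        action, (vlan, acl) = "permit", ROLE_POLICY[role]
    accounting_log.append({"who": req.user, "what": req.mac, "when": when,
                           "where": req.switch_port, "how": action})
    return {"action": action, "vlan": vlan, "acl": acl}
```

Every request, including denied ones, produces an accounting record, so failed attempts remain visible to whoever reviews network activity.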
Lastly, these solutions allow network access only to trusted endpoint devices that can verify their compliance with network security policies, such as having a current antivirus image, OS version or patch update. Thus, they permit, deny or restrict network access to any device as well as quarantine and remediate non-compliant devices. While some of these concepts have already been implemented, security and networking vendors are working together to realise the full benefits of integrated