Really good security is supposed to protect a business, but lately it seems that malware, spam and botnets have been infecting several networks. The problem is also compounded by the fact that some companies’ policies allow employees to come to work with Ipads, Android tablets, smartphone that can all connect to the corporate network.
Bring Your Own device (BYOD) has been lately a major headache for IT security departments, although corporate America is saving a lot of money by offering this type of solution to its employees. Cloud based solution and a dedicated network seem to be the right solution for IT companies that don’t want to get into trouble with the management.
There is no doubt that, if on the one hand companies are saving money by allowing employees to bring their own devices to work, on the other hand more investment are needed to fight against hacking attacks. One way to deal with this issues is to use cloud based avanced threat protection and perform the following tasks:
– Gather Information: a device connected and enabled in a cloud service should be subscribed to bulletins about real world threats.
– Incident Response Capability: the company should write procedures to be used when a security incident occurs.
– Customized Firewall: the firewall should allow only network traffic specifically required for that business
– Web Filtering: this feature should block access to non business sites and not include the pages that host malware.
– Spam Blocking: one way to get computer infections is via email. A spam blocking feature should prevent users from opening infected attachments.
– Web Application Firewall: if the company hosts applications online, a web firewall will prevent unauthorized access to the apps.
If it is true that a cloud based protection does not involve the addition of hardware or software on the premises, companies should invest on backups that can be hosted in traditional external hard drives. In addition, it is recommended to have multiple copies of the same back up hosted also off site in order to minimize the risk of losing sensitive data.
The secret sauce to run a successful business is to blend a cloud with a traditional network security service. The major goal of an IT department is to build as much as redundancy as possible; a mirror of the main servers and computing infrastructure is the right way to secure an uninterrupted continuity of the business operations.