It is arguable we are seeing the death of prevention-centric security strategies. A recent Gartner report suggests that advanced targeted attacks are set to render prevention-centric security strategies obsolete, going on to predict that, by 2020, securing enterprise IT will require a shift to information and people-centric security strategies focused on an infrastructure’s end-points.
Naturally, with an increasing number of connected devices entering the workplace, there are so many more end-points to monitor, and, subsequently, more challenges than previously anticipated. A recent survey carried out by Nexthink set out to investigate these issues and the current level of insight that IT teams have into their IT infrastructure security. The results provided some interesting findings. For example, only a third of companies believed that they’re able to identify vulnerabilities before they can be exploited (37.62%). This is worryingly low but unsurprising; IT departments are struggling with the explosion of trends such as BYO which continues to dominate and, more recently, the challenges posed by the Internet of Things (IoT). According to the survey, the majority of IT departments believe that the IoT represents a growth in threats to IT security (88%).
This argument is supported by the statistic that just over a third of companies from our survey said they had a BYO policy (35.64%). Coupled with the fact that many devices being used in the workplace are not actually owned by the organisation – the enterprise has a tough job on its hands. In a connected world, organisations cannot be blasé about technology trends such as BYO and more recently IoT and the risks that they bring with them.
So what is the answer? This is where IT operations analytics (ITOA) comes in. ITOA monitors businesses’ end-user devices to ensure compliance with company security policy and standards. The emphasis here is on the importance of the end-user.
ITOA enables organisations to monitor their infrastructure in real-time which is key – enabling the IT team to identify trends and patterns of normal behaviour and activity. Once an idea of what normal behaviour looks like has been established, from the analysis, behavioural anomalies or deviations can be identified as potentially malicious activity. Having identified this anomalous behaviour, it is then possible to isolate the affected end-point and resolve the issue. Real-time analysis means the problem can be identified and rectified faster.
Ultimately, as we all become more connected and there is no longer a firm distinction between technology in the workplace and the home, organisations will be forced to accept that ITOA is fundamental in the performance and security of their business.
Poul Nielsen, Director Of Strategy, Nexthink
Our company name reflects the ideas and passion of our founders to use forward thinking (i.e., to Nexthink) to solve real problems in a way no one else has.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.