In today’s digital economy, technology has led to new levels of innovation, competitiveness, productivity and growth — but it has also made organizations more vulnerable to cyber threats. A future-ready enterprise is one that is able to reap the benefits of these new trends while limiting its exposure to security threats.
The traditional approach to security has been to address each specific security problem with a best-of-breed solution. However, these tools seldom interact with each other, and the approach increases both the cost and complexity of the overall system.
But today, there is an even bigger problem with this traditional approach to security. As organizations adopt mobile, BYOD, cloud, IoT and other technologies, the threat surface continues to increase and the enterprise perimeter has ceased to be the only gateway to corporate data. New threat vectors specifically exploit the siloed nature of traditional security solutions by bypassing perimeter defense and directly targeting the gaps.
Example: How a Traditional, Siloed Approach to Security Can Fail Today
Consider Joe, who works for a company that has implemented a BYOD program. One day as he’s using his personal laptop, he accidentally downloads a piece of malware designed to steal data — let’s say the CoreBot Trojan that was detected last year, which got rave reviews from black hats for its modular design and real-time data exfiltration capabilities. In the absence of an updated endpoint security solution, the antivirus tool on Joe’s laptop is unable to detect the presence of this malware.
Joe then tries to log into the corporate network through a VPN, and the malware tries to propagate from his infected laptop into the network. However, since the traffic goes through the enterprise firewall, the malware is quickly detected and the system is quarantined. Network security seems to have saved the day!
However, Joe is frustrated that the VPN is not connecting and he needs to get his work done. So he decides to access the corporate applications that are hosted on a public cloud, perhaps Office 365 or Salesforce.com. The SaaS application uses the same corporate credentials, so the logon is granted. The online authentication process, despite best-of-breed federated identity management using SAML, fails to detect the threat because its identity sources were not aware of the intelligence gathered by the network firewall.
After logging into the application, Joe happily downloads the data and files he was looking for. Behind the scenes, CoreBot also gets to work — exfiltrating sensitive data to its remote command and control server.
The Only Real Security is Connected Security
With an increasingly mobile workforce using a variety of devices, this scenario is completely plausible. Therefore, a future-ready security solution must be able to share intelligence and context-awareness across multiple layers of defense. For example, the identity management system should be able to draw intelligence from the network audit logs and therefore block a user who triggered a malware event on the firewall.
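The check described above, sketched as an added example (not Quest's code or any product's API): the identity provider consults a risk store built from firewall audit events before it issues a SAML assertion. The log format, field names and function names are assumptions made for illustration.

```python
from datetime import datetime, timezone

# Constructed firewall audit lines; the key=value layout is an assumption.
FIREWALL_LOG = """\
2016-05-02T09:14:07Z action=quarantine reason=malware user=joe src=10.8.0.23
2016-05-02T09:15:40Z action=allow reason=policy user=amy src=10.8.0.31
2016-05-01T08:00:00Z action=quarantine reason=malware user=raj src=10.8.0.44
2016-05-02T08:30:00Z action=release reason=remediated user=raj src=10.8.0.44
"""

def parse_line(line):
    """Split one audit line into a dict with a timezone-aware 'time' field."""
    ts, *pairs = line.split()
    event = dict(p.split("=", 1) for p in pairs)
    event["time"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return event

def build_risk_store(log_text):
    """Map user -> time of the latest malware quarantine not yet released."""
    events = sorted((parse_line(l) for l in log_text.splitlines() if l.strip()),
                    key=lambda e: e["time"])
    flagged = {}
    for e in events:
        if e["action"] == "quarantine" and e["reason"] == "malware":
            flagged[e["user"]] = e["time"]
        elif e["action"] == "release":
            # Remediation clears the flag, so a cleaned device is not blocked forever.
            flagged.pop(e["user"], None)
    return flagged

def sso_decision(user, flagged):
    """Run by the identity provider after the credential check and before
    issuing the assertion. Returns (decision, reason)."""
    hit = flagged.get(user)
    if hit is not None:
        return ("deny", f"malware quarantine on firewall at {hit.isoformat()}")
    return ("allow", "no open firewall malware event")

if __name__ == "__main__":
    store = build_risk_store(FIREWALL_LOG)
    for name in ("joe", "amy", "raj"):
        print(name, *sso_decision(name, store))
```

With this check in the logon path, Joe's valid corporate credentials no longer get him into the SaaS application while his laptop's quarantine is still open.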
Quest's connected security strategy can enhance security across the organization by inspecting every packet, governing every identity, protecting the data wherever it goes and sharing intelligence across networks, endpoints and users to enforce better security controls. Security solutions from Quest deliver:
For more details on how connected security from Quest can improve your overall security across endpoints, networks and user identities, read our new e-book, “Technology Tunnel Vision, Part 4: Deploy Future Ready Security for your Network, Endpoints and Data.”