There has been a data security arms race dating back to at least the 1970s. In recent years, however, that arms race has escalated steeply, with many global hacking and black-hat activist groups deploying increasingly sophisticated and wide-spread attacks that are difficult to defend against.
Worse, many of these attacks are done for no reason other than to prove they can be done. The recent high-profile attacks on the Sony and Microsoft gaming networks over Christmas, for example, were engineered by a small group who had no ideological, or monetary goal. Taking down the XBox and Playstation networks was simply an advertisement for the hackers’ do-it-yourself botnet software.
Bring-Your-Own-Device (BYOD) policies similarly bring big security challenges, with the majority of data breaches now coming from plain human error. Networks are growing faster than anyone can oversee them, much less protect them. Companies that desire safety from cyberthreats in 2015 will need to take security more seriously.
Major Network Security Concerns In 2015
1 – Visibility
Today’s Systems Administrator needs the ability to actually see what is happening on the network at any given time. The high-profile attack on Sony Pictures involved many terabytes of data being transferred out of the system, including complete uncompressed movies in production. Had Sony’s sysadmin even known this was happening, the hack could have been shut down far earlier.
Investment in network visibility solutions, such as “smart” systems alerting admins to potential issues, and admins who are capable of understanding what those alerts mean in context of the entire network, is neccessary.
2 – Mobile Application Management (MAM) over Mobile Device Management (MDM)
For many companies, the solution to BYOD security problems was Mobile Device Management (MDM). In this scenario, a business takes direct control of employee devices, dictating installed software and firmware.
The problem here is twofold. First, employees find this extremely intrusive and resent having to give up control of their personal devices. Secondly, MDM is not very effective – there are too many other avenues for attack. Additionally, if MDM damages the device, a nasty blame game and Human Resources problem can erupt.
Mobile Application Management (MAM) is a more valuable investment. By putting protections on the server side, restricting access to data and apps, MAM can block suspicious activity without putting onerous controls on workers’ devices.
3 – Flexibility
Finally, in a more general sense, businesses must find ways to improve cyberthreat response times. Hackers are intensely “in the moment,” monitoring their attacks closely, and quickly adapting attack strategy in response to defensive moves. When system administrators, or network security bots are handcuffed by procedures that guarantee day or week long delays, hackers have the advantage.
Businesses must take network security as seriously as a nation protecting its physical borders. Defense measures, such as Mobile Application Management, improvements in network visibility, and reduced threat response times are paramount. In 2015, anything less is an an open invitation for hackers.