Partner Perspectives  Connecting marketers to our tech communities.
SPONSORED BY
1/16/2018
09:30 AM
Paul Martini
Paul Martini
Partner Perspectives
Connect Directly
Twitter
RSS
50%
50%

Top 3 Pitfalls of Securing the Decentralized Enterprise

Doubling down on outdated security practices while the number of users leveraging your enterprise network grows is a race to the bottom for businesses moving to distributed workflows.

The modern enterprise doesn’t live within four walls. It’s distributed, with companies leveraging digital communications to connect their brightest minds, and give teams the flexibility they need to successfully execute their most pressing tasks. But for all the benefits that decentralization promises, it also begins to blur the network perimeter, which forces security teams to think more critically and creatively about their defenses. When networks become distributed, there are numerous pitfalls that await them.

Pitfall 1: Devices and Users
The proliferation of mobile devices has put fully functional computers in the palms and pockets of virtually every modern worker. Whether part of a bring your own device initiative or delivered to employees directly by the company, employees use these essential work tools to access business-critical data, even when they aren’t plugged in at corporate headquarters.

The downside is that when employees connect to information systems and enterprise data from outside of the safety of the corporate network, it’s critical to keep tabs on where that traffic originates and if the device or user has permission to access enterprise data. Administrators need to be sure that they keep directories current to dictate permissions and proxy settings, while also doing all they can to monitor for traffic origins that could indicate illegitimate or malicious activity. By having an up-to-date registry of users, their devices and the associated permissions of that individual’s rank and role, teams will more easily be able to spot anomalous traffic patterns that indicate data theft.

Pitfall 2: More devices breed more applications – and threats
Part-in-parcel with the proliferation of mobile devices in the workplace is a boom in new applications and software – both for business and for pleasure – that employees are hungry to download. The problem here is twofold: For starters, non-essential applications can be a drain on bandwidth, so administrators need the ability to prioritize network capacity toward business-critical activity to avoid latency.

Further to that, just downloading any content onto the network from an outside source – whether a smartphone game or a word document – can open the floodgates to potential threats hiding in plain sight. Trojans – malware hidden within seemingly innocuous file types – can be unleashed on a corporate network via a personal email attachment, initiating a wealth of attacks – from DDoS to command and control callbacks – aimed at stealing data and disrupting network performance.

Pitfall 3: Bulky defenses only complicate security
Even security teams that are already meeting these challenges may not be taking the easiest or most effective route to securing decentralized networks. For instance, many teams will layer on security solutions by purchasing additional on-premises security appliances as bandwidth needs grow. While this approach will provide the additional security capacity needed to protect traffic, each piece of hardware will require dedicated security management, and put extra demands on IT to create costly and complicated backhaul networks.  

A better solution is for organizations need to simplify control and network pathways in order to give their business as much visibility into the activity taking place on their network as possible. Rather than installing hardware in a cumulative fashion, adopting additional consoles and vantage points into the network for teams to monitor, organizations need to strive to have all network activity presented from a single pane of glass.  

The decentralized organization isn’t a passing fad, but as costs pile up, a business that doesn't evolve its security strategy to enable it might be. Doubling down on outdated security practices while the number of users leveraging enterprise networks grows is an easy race to the bottom for organizations moving to distributed workflows.

Paul Martini is the CEO, co-founder and chief architect of iboss, where he pioneered the award-winning iboss Distributed Gateway Platform, a web gateway as a service. Paul has been recognized for his leadership and innovation, receiving the Ernst & Young Entrepreneur of The ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Google Engineering Lead on Lessons Learned From Chrome's HTTPS Push
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
White Hat to Black Hat: What Motivates the Switch to Cybercrime
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
PGA of America Struck By Ransomware
Dark Reading Staff 8/9/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
iboss has created the first and only web gateway as a service specifically designed to solve the challenge of securing distributed organizations. Built for the cloud, the iboss Distributed Gateway Platform leverages an elastic, cloud-based node architecture that provides advanced security for todays decentralized organizations with more financial predictability. Backed by more than 110 patents and patents pending, and protecting over 4,000 organizations worldwide, iboss is one of the fastest growing cybersecurity companies in the world. To learn more, visit www.iboss.com.
Featured Writers
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Now about that mortgage refinance offer from Wells Fargo .....
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-7097
PUBLISHED: 2018-08-14
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow cross-site request forgery.
CVE-2018-7098
PUBLISHED: 2018-08-14
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be locally exploited to allow directory traversal.
CVE-2018-7099
PUBLISHED: 2018-08-14
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be locally exploited to allow disclosure of privileged information.
CVE-2018-7100
PUBLISHED: 2018-08-14
A potential security vulnerability has been identified in HPE OfficeConnect 1810 Switch Series (HP 1810-24G - P.2.22 and previous versions, HP 1810-48G PK.1.34 and previous versions, HP 1810-8 v2 P.2.22 and previous versions). The vulnerability could allow local disclosure of sensitive information.
CVE-2018-7077
PUBLISHED: 2018-08-14
A security vulnerability in HPE XP P9000 Command View Advanced Edition (CVAE) Device Manager (DevMgr 8.5.0-00 and prior to 8.6.0-00), Configuration Manager (CM 8.5.0-00 and prior to 8.6.0-00) could be exploited to allow local and remote unauthorized access to sensitive information.