Appliances are proliferating. Thanks to shorter buying cycles, product that are easy to use (who cares about interoperability), and constant improvements based on user feedback.
All these appliances end up on corporate networks with endpoint users, who chose to download a variety of applications to complete their work efficiently. And with such a dynamic appliance and application landscape, there is the threat of introducing the unknown into the system. It is through these vulnerabilities that data leaks out – causing business loss and even stiff penalties from government regulators.
It is imperative that one is able to control such endpoint applications, scan them for sensitive data, understand who is initiating such applications and the reasons why and implement appropriate process policies and technologies to prevent accidental leakage of data. Unfortunately, traditional port-based and protocol- based firewalls are not competent enough to provide the level of security that is needed.
It is no longer a simple good vs bad or allow vs disallow decision that needs to be taken. It needs to be taken at the ‘trust’ level, with understanding of the interactions between the outside and inside, between users and between applications at the data centre level. Only next generation firewalls can provide ‘deep packet inspection’ inline without disrupting network speeds, along with intrusion detection and prevention and website filtering.
The ante has been upped in the war against cyber crime. But the users are doing their best to be non-compliant to security needs of an organization. This is an on-going battle. May the best firewall win!
Related Video
Vijay Bharti is the Chief Information Security Officer (CISO) and Senior Vice President of Cyber Security practice at Happiest Minds Technologies. He brings in more than 20 years of experience in the area of IT Security across multiple domains like Identity and Access Management, Data Security, Cloud Security and Infrastructure Security.
His recent work includes building Security Operation Center frameworks (including people, processes and various SIEM technologies) where he is working on building an integrated view of security and ways of leveraging advance analytics and big data innovations for cyber security.
