The importance of the network in coping with new trends has been highlighted by Cisco’s new security head.
Cisco’s newly appointed head of security used a keynote speech to highlight the modern dilemma facing many security professionals – whether to lock down the network, or “free up” the technology – in an effort to secure the network.
The Bring Your Own Device (BYOD) trend and the consumerisation of IT pose significant challenges to the enterprise.
Lockdown Or Open?
While many security professionals want to lock down the network and prevent employees from using non-approved devices to access data or applications, it is not always possible, Christopher Young, the head of security at Cisco, said during his 29 February keynote speech at the RSA Conference.
Organisations are increasingly worried about the prospect of a cyber-attack compromising their data, and allowing employees to use any device for work purposes expands the potential risk.
Locking down the enterprise infrastructure doesn’t guarantee security any more than opening it into a free-for-all, as employees have no qualms about breaking the rules when it is not convenient to follow them. Security is often too cumbersome and complicated for the average user, who winds up going to “great lengths to bypass security in order to do their jobs,” Young said. In a recent survey, 70 percent of employees admitted to breaking company policy, Young said.
This tendency was in evidence even among the technically savvy and security-conscious audience at the RSA Conference.
The conference organisers deployed a secure wireless network that used digital certificates to authenticate devices onto the network. People lined up at the wireless help-desk for assistance in getting online connectivity on their smartphones, tablets and laptops. And there were even more people not bothering with the secure network and trying to connect to one of the free wireless hotspots, said Val Rahmani, CEO of Damballa.
Administrators are also constantly second-guessing themselves. In the struggle to come up with the right decision, security professionals compromise their own efforts, Young said.
“We have to have both. We need to have our cake, and eat it, too,” Young said.
The way to have “both” is by unlocking the power of the network, according to Young. The network is uniquely equipped to deliver security in a way very few technologies can, he said. The network is what collects the data about what users are doing, what data is being accessed, and what the systems are transmitting. The network sees all the users, devices, applications and systems, as well as the interactions between the components, Young said. All this is available in real time, he said.
“This is why the firewall is still important,” as are virtual private networks and secure wireless networks, Young said.
It is not possible to expect administrators to physically manage every kind of device every day. As a dizzying array of mobile devices floods into the network, administrators will need to rely on the network for information about what device is connected, where it is connecting from, and what it is doing, according to Young.
“The network allows you to lock it down and free it all up,” he said.
Cisco estimates that by 2016, there will be eight billion smartphone devices globally, and desktops will be delivered on the network to whatever device the user is using at the time, Young said.
Rahmani said there should be less worrying about the exact device that is being used. At the heart, every device is essentially just an IP address, so the important thing is to make the network secure, she said.