Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

To See or Not to See? It Shouldn’t be a Question

In today’s world, IT professionals may find themselves asking some tough questions about network visibility: How do we see the whole network? What tools do we need? How do we stay compliant? Although not life or death questions, hats off to Hamlet, they are important to ask for an organization’s security posture. This is especially true considering the rise in data and network complexity, coupled with concerns about privacy and security. 

In today’s world, IT professionals may find themselves asking some tough questions about network visibility: How do we see the whole network? What tools do we need? How do we stay compliant? Although not life or death questions, hats off to Hamlet, they are important to ask for an organization’s security posture. This is especially true considering the rise in data and network complexity, coupled with concerns about privacy and security. 

Innovations in digital business, big data, social collaboration and the Internet of Things have pushed the limits of existing computing systems, in turn, forcing companies to up level their infrastructure including taking to the cloud. Encryption has also taken over half of the web. Organizations and their workforce have gained new levels of productivity and security in the process but have sacrificed visibility and control. This can be a problem considering all the sensitive information being handled by the modern corporate network.

In such an environment, sophisticated exploits still occur, information is still hijacked— all while complexity hinders the ability to see what is going on in the networks at a granular level. It makes it a difficult task to take on but it’s not without a solution. Here’s how businesses should address this challenge when security risks and compliance limit full visibility.

Peering Through the Mask

Full visibility is necessary when it comes to security. But some things should stay hidden, ranging from Personally Identifiable Information (PII) to critical production data. Standards and regulations on data are in place across industries that limit who can view and use it. How do you have both?

Data masking, where data access restriction essentially makes data invisible, replaces vulnerable, or sensitive data by obfuscating parts of it or replacing it with information that looks real. In essence, when data is masked, it’s altered so that the basic information remains the same but the key values are changed. 

This does not mean that full visibility is no longer attainable, only that the data that shouldn’t be seen is, in fact, not. 

When to Put on the Mask

Advertisement. Scroll to continue reading.

There are several things to consider when parsing between data to mask and data to keep visible, especially when dealing with data protection requirements. Here are some cases in which masking can be particularly useful. 

Testing

Companies must often have true-to-life datasets to test and develop relevant software. However, creating fake datasets can be both expensive and time-consuming. To fight this, real data can be masked and leveraged for the same purposes to boost efficiency without risking security. This is also useful when outsourcing, as it limits the exposure of the real data. 

Monitoring and Recording

Companies usually need to monitor and record data, but by law cannot store PII. Data masking eliminates that concern, allowing companies to record while masking sensitive data. 

SSL Decryption

While protecting data, Secure Socket Layer (SSL) encryption also poses a risk, as hackers leverage encrypted data to sneak in and pilfer sensitive information. As such, organizations decrypt and examine SSL traffic passing through their network to ensure there is no malicious activity. But SSL decryption means anyone with access to the monitoring tools can view the sensitive data behind the encryption. Fortunately, there are tools that can decrypt SSL data while masking the data that shouldn’t be exposed. 

Doing It Right

Not all data masking solutions are created equal. To ensure you have the right one, it’s imperative that the organization already know how it is going to be used. In all, it’s about what is being masked, how easy access to data is meant to be and how it will be distributed.

For instance, is it just for the purpose of distributing data to a DLP device for analysis, or does it need to be amenable to native searches? If the latter, the solution should support regular expression (Regex).  Further, if accessing data via Regex searches, network packet brokers may be worth considering. They allow for easy collection of data, search and distribution to monitoring equipment. There are also processors that can work with data masking solutions atop Regex that can help easily sift through traffic, identifying anomalous activity and other trends in application use. Network administrators simply specify what traffic to find and how it should be presented.  

Ultimately, security in today’s complex networks and regulations comes down to how a network is seen — not if all of it can be seen. With so much data floating around, it will be up to the company to decide how they approach the problem. Let’s just hope it doesn’t end in tragedy like it did for our friend Hamlet. 

Written By

Marie Hattar is chief marketing officer (CMO) at Keysight Technologies. She has more than 20 years of marketing leadership experience spanning the security, routing, switching, telecom and mobility markets. Before becoming Keysight’s CMO, Marie was CMO at Ixia and at Check Point Software Technologies. Prior to that, she was Vice President at Cisco where she led the company’s enterprise networking and security portfolio and helped drive the company’s leadership in networking. Marie also worked at Nortel Networks, Alteon WebSystems, and Shasta Networks in senior marketing and CTO positions. Marie received a master’s degree in Business Administration in Marketing from York University and a Bachelor’s degree in Electrical Engineering from the University of Toronto.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history.