
Deserted Island, InfoSec Edition: What One Security Product Should You Choose?

As information security professionals, we spend a lot of time thinking about what security products are the highest priority. But as most of these decisions are mired in the nuances and details of the modern enterprise, I’d like to simplify things by bringing us back to a favorite childhood game: What would you bring on a deserted island?

It’s not an easy question to answer in a time when security threats are changing every day in the cat-and-mouse game we’re playing with attackers. For every new threat and attack vector, there is a new company promising the “solution.” This cycle forces security decision-makers to think through hypothetical scenarios like the “deserted island” in order to prioritize where their budget will provide the most value.

So in choosing just one of these products, we must consider what will protect the widest variety of information in the most effective way—technology that can span a wide, distributed network to block multiple kinds of attacks. There are a few ways to go about this, so security practitioners will always have multiple options when choosing their “deserted island” product.

End-to-end encryption

Securing the largest quantity of information possible means starting with the data itself. Whether the data in question is stored in your physical data center, the cloud or a third-party storage service, effective encryption and its management are central elements to shielding it from attackers (not to mention maintaining compliance). This means granular encryption wherever your data is, coupled with tight access control.

Furthermore, encryption pays dividends in the case that you do get breached. With sophisticated enough encryption, even if data is stolen, hackers will find themselves with a useless pile of indecipherable information.

One caveat: the capability to decrypt encrypted traffic for monitoring and management is still crucial. We can’t forget that threat actors often use the same infrastructure we do to obfuscate their malicious payloads. In fact, according to a recent survey, nearly half of cyberattacks have been found to use encrypted traffic to avoid detection.

Robust endpoint protection

Vendors across the security industry continue touting the end of the traditional perimeter. Amid this noise, it’s hard to pinpoint who has the best understanding of this issue and, as a result, can provide the best solution for organizations’ ever-growing attack surfaces.

It’s true that the cloud, connected devices and mobility have made it so that the traditional boxed-in enterprise is no longer the norm. Sensitive information now lives wherever it’s being generated and accessed, down to and including a remote PC or a mobile device. Many new smart devices are also being deployed across networks that have poor security controls. Recently, security blogger Brian Krebs’s site was taken down by one of the biggest DDoS attacks enacted by a botnet composed of thousands of poorly protected IoT devices—including routers, security cameras and even printers.

In this light, an effective “deserted island” security solution should have a strong endpoint component if it’s going to protect sensitive information regardless of geographical location or device. Moreover, the endpoints need to be hardened to deter hackers from using them as points of entry and exit as well as gateways for the exfiltration of data.

Interconnected safety measures

Web services and SaaS applications (e.g. Dropbox, Gmail and Slack) have become key pieces of a company’s culture and business operations. Almost every company now relies on them, which means they can also be a point of vulnerability – simply because they become the point at which you lose control over the applications that have access to your business’s information. There’s always the chance that the third-party companies providing web services can be compromised, putting your business at risk in the process.

In this situation, security tools are great and encryption is essential. However, with a growing volume of data and a growing number of endpoints moving freely throughout the enterprise, it is becoming increasingly difficult for security solutions to protect a perimeter with firewalls, IPS/IDS, sandboxes, etc. Endpoint protection and end-to-end encryption are not, on their own, the end-all to network security issues. More than basic controls, there needs to be increased transparency around service security, user and application behavior and network visibility. Companies deserve to know how third-party providers are using and protecting their data.

Thankfully, we aren’t on a deserted island for which we have to choose only one product to protect online information. But the exercise is important and can help security professionals better prioritize and understand which security products will make the most impact. This level of awareness is essential in an industry where every shiny new toy is cause for both panic and throwing money at the problem. It is impossible to find the cure-all for security issues as we battle creative, intelligent malicious actors. But employing encryption, endpoint protection and ensuring security professionals have a clear understanding of the products available to them is a strong start. There’s a difference between “nice-to-have” security products and “must-have” security products. The “must-haves” are critical to protecting organizations from cyber attacks.
