It’s common knowledge that the war against cyber crime is not being won, and that the security industry is playing a catch-up game at best. In fact, it is many security professionals’ assertion that we cannot keep threats out of our networks, and thus we need to focus on containment and mitigation only.
Lutz Blaeser, MD of Intact Security, believes relinquishing importance on prevention is a bad idea, and equates to surrendering the cyber war. “In the info security world, however, we are definitely seeing a move towards network security, governance and vulnerability management.”
He says some success is being seen in terms of protecting networks and data, but improvements are needed. “Even as we work towards better security, and more advanced tools, hackers are coming up with more sophisticated and cunning weapons with which to bypass them.”
Moreover, he says in conjunction with the growing threat from outside entities, we are dealing with an increased threat from within, that of shadow IT. Shadow IT is a term used to describe tech systems and solutions that were created and applied within organisations, without their approval.
“It usually starts when a department within the business feels hampered by what they see as the technical department’s failure to provide them with what they think they need, and they go off and create their own solution, without technical knowledge. IT will only become aware of this once a technical issue occurs, or when integration with other application within the enterprise is needed. As you can imagine, this causes many headaches for the technical team.”
According to Blaeser, the buck ultimately stops with the IT department, whether this is fair or not. However, in the event of a security incident, IT will have to deal with the CEO, regardless of who may be at fault. “The challenge, of course, is how to find and secure all these shadow IT applications within the enterprise.”
Understandably, few technical departments have the resources to handle the multiple requests that all these applications and users would generate, but a plan needs to be made, as the fallout should a breach occur due to shadow IT could be catastrophic, he states. While there is no silver bullet to fight the shadow IT problem, there are several measures IT can take to minimise the problem and identify any problems before they become a major threat.
Firstly, he advises to monitor outbound traffic, as this is the best way to ensure you know what is going on inside your company. “Firewalls focus on incoming traffic, but can be configured to keep logs on outgoing traffic too, and once you know where the traffic is going, you are better placed to pinpoint any applications you were unaware existed. Moreover, once you are better aware of outgoing traffic, you are better able to control it.”
In addition, he says user education is vital. “Most employees have a vague idea of the risks, but are quite happy to ignore them. Others are completely ignorant, and have no understanding of the situation. Educate your staff on security in general, and make shadow IT a part of that discussion. Do not leave executives out of this training and education. Once C-level executives are aware of the dangers of shadow IT and the potential fallout it could cause, they are far more likely to come on board and help control the problem.”
Behind the screen….. Intact Software Distribution is a dedicated software distributor focusing on providing a full range of security software solutions, coupled with the service performance and know-how of an experienced and specialised solution provider.
- Adapting Conservation into a Economic Activity | #eBizTrends | Dion Chang - September 20, 2019
- Cry our beloved SMEs | #eBizWires | Lukhanyo Bushwana - September 20, 2019
- Obsidian Systems’ end-to-end coverage of Open Source Week 2019 - September 20, 2019
- Financial Institutions – Be Better | #eBizWires - September 20, 2019
- How to Register your own SA Company for under R300! #Insight |#IP Braai - September 19, 2019
- Being a Finance Director in your 30’s | #eBizInsight| Emilie Bigot - September 19, 2019
- Gill Randall on Local Newspapers | #eBizInsights - September 17, 2019
- The Truth About Xenophobia in South Africa |#Insights |#Devan Moonsamy - September 16, 2019
- FLEXIBLE WORKSPACE IS THE NEW FRANCHISE FRONTIER | #eBizInsights - September 16, 2019
- How the office will change by 2025 in Africa? |#eBizInsights - September 13, 2019