By Hiram Machado
This post originally appeared on LinkedIn. It is reprinted here with the permission of the author.
First, let’s talk about the evolution of IT and the evolution of threats.
In the early days, we had hobbyists trying to break in for the fun of it. Teenagers, for example, in their garage, who were trying to show off to their friends. IT was worried about mainframes, which were closely controlled. Very few people had access to the physical machines, but as time went by, IT started dealing with client-server configurations and mobile devices connected to the network, and things started to be a little more complicated.
Perhaps the most detrimental change related to cyberattacks in recent years is their increased monetization. Financial motive has become the core reason for attackers. Different groups have organized much like any other business and increased the level of specialization with activities like reverse engineering, looking at protection applications and determining how to break them, and sometimes tailoring malware for a specific purpose and selling it. Cyberattacks have become a profession.
The Increasing Complexity of Cybersecurity
IT software companies used to think about security as removing the vulnerability they had in their software and running a virtual fence around the perimeter of their network environment. Now with all the different models of cloud — whether public cloud, private cloud, hybrid deployments of network infrastructure, IoT (internet of things), social media and much more — it has become exponentially more complex to protect IT infrastructure.
Some of the elements the modern organization faces today from an IT standpoint are:
- Enterprise Hybrid Environment
While migration to the cloud is almost inevitable, it will take years to migrate or retire all legacy systems.
- Mobility is Key
There is increasing demand for a seamless experience across mobile devices. Volume is exploding and diversity is also growing.
- IoT is Growing
IoT adoption is creating demand for app development and cloud usage. Security methods designed for PCs apply poorly to an IoT environment.
- Hostile Environment
Attacks are increasing and becoming more frequent and sophisticated. With new technologies coming up daily, blind spots are appearing, as are opportunities for attackers.
The environment today looks completely different from what it was even five years ago. Security used to mean protecting your IT environment: the physical location of your servers, a perimeter around your network, and the provisioning and control of the user identities allowed to connect to your “well-protected” environment. The modern organization must instead reconsider security in terms of identity and device protection, and of controlling access to its data assets and applications in an environment that it does not fully control (the cloud environment) or where the identities of the users (credentials) are not provisioned by it.
In the modern organization, identity is the new perimeter. The idea is that you must control all access, from different devices, to the data that you control and want to make available to your employees and associates. In the modern world, an organization must be agile and efficient in regard to threat detection. Automated and integrated security tools are the new order in an IT environment.
Based on the sheer number of attacks carried out every day, it is impossible to guarantee 100 percent protection. Understanding how to detect and respond to an intrusion is as crucial as working on preventing the intrusion.
There is an additional component of protection and data handling compliance if you are dealing with regulated data such as PII (personally identifiable information). More and more regulations are being created. One example is GDPR (General Data Protection Regulation). Issued by the European Parliament, the Council of the European Union and the European Commission in April 2016, GDPR will be enforceable starting this month.
The 4 Components of Security
The four components a good operating platform must provide regarding security are:
- Identity and access management
- Threat protection
- Information protection
- Security management
There are many specific solutions out there to address different aspects of the components listed above. Microsoft is working on providing an integrated and comprehensive solution to address the challenges of cybersecurity. Microsoft Enterprise Mobility and Security, or EMS, is an affordable suite of tools you can license from Microsoft that works on hybrid environments (cloud and on-premise) as well as cross-platforms, protecting different devices such as iOS and Android.
Some of the high-level capabilities of Microsoft EMS are:
- Conditional Access: This enables smart access decisions based on intelligence collected from properly monitoring the network.
- Health of the Device: Checks the device for vulnerabilities and controls access based on the location of the user when logging in.
- Multifactor Authentication: MFA can be required if users are logging in from a different device or location than usual.
- Security Updates: Checks on the latest security updates and requires users to have the most recent security patch installed before they can access the data.
- Information Protection: Controls access to documents and emails to ensure the only people who have access are the ones you intend. Also, protection and access control will travel with the document independent of your network environment.
- Security Management: This is all about getting visibility and control with tools to monitor and alert IT administrators to any suspicious activities in the network.
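The access decisions described in the list above (device health, current security updates, and MFA when the device or location is unusual) can be sketched as a small policy function. This is an added illustration, not Microsoft EMS code or its API; the field names, the 30-day patch threshold and the sample baseline are assumptions constructed for the example.

```python
from dataclasses import dataclass, field
from datetime import date

MAX_PATCH_AGE_DAYS = 30  # assumed policy value, not taken from the article


@dataclass
class Baseline:
    """Devices and countries a user normally signs in from."""
    devices: set = field(default_factory=set)
    countries: set = field(default_factory=set)


@dataclass
class SignIn:
    user: str
    device_id: str
    country: str
    device_healthy: bool    # result of a device health check
    last_patch: date        # date of the newest installed security update
    mfa_done: bool = False  # True once a second factor has been verified


def evaluate(signin, baseline, today):
    """Return (decision, reasons); decision is 'block', 'require_mfa' or 'allow'."""
    reasons = []
    # Hard requirements first: an unhealthy or unpatched device is blocked
    # no matter who the user is or whether MFA was completed.
    if not signin.device_healthy:
        reasons.append("device failed health check")
    if (today - signin.last_patch).days > MAX_PATCH_AGE_DAYS:
        reasons.append("security updates out of date")
    if reasons:
        return "block", reasons
    # Risk signals: an unfamiliar device or location triggers step-up
    # authentication rather than an outright block.
    if signin.device_id not in baseline.devices:
        reasons.append("unfamiliar device")
    if signin.country not in baseline.countries:
        reasons.append("unfamiliar location")
    if reasons and not signin.mfa_done:
        return "require_mfa", reasons
    return "allow", reasons


# Constructed sample data for the example.
TODAY = date(2018, 5, 25)
ALICE = Baseline(devices={"laptop-01"}, countries={"US"})
```

The returned reasons double as the audit trail that the monitoring and alerting side would consume.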
Cybersecurity is an intense battle that will not end anytime soon. Having a robust yet integrated suite of tools to help protect, monitor and respond to cyber attacks is already a fundamental part of an IT department.
About the Author
Hiram Machado, adaQuest CEO, has over 20 years' experience across a variety of roles in the IT and localization industries, and is a regular speaker on GDPR (General Data Protection Regulation), privacy and cybersecurity topics.
Established in 2001, adaQuest provides project management, strategic planning, cybersecurity and compliance services to organizations around the world. Headquartered in Bellevue, WA, adaQuest is a Microsoft Certified Partner for Cybersecurity and Compliance and has helped many organizations across the U.S. prepare for GDPR and prevent cybersecurity issues.