There are some serious things looming on the security front for 2017.
Despite your position on “Russian hacking of DNC servers to influence the outcome of a US election,” there was a breach somewhere. A small breach, but with big consequences. It could have been a high-level attack on an otherwise well-protected network. It could have been one or two careless actors in a mass of otherwise buttoned-up users. It could have been a single disgruntled employee slow-walking data out the door on a USB drive. With all the political noise surrounding this headline leak, we will probably never have the definitive answer. Yet, we do know a few things. Data was released that should have been under tight control. Things were made public that were never intended for daylight. Most importantly, the organization suffering the breach lost some credibility at least, and perhaps, much more.
It is easy to think of data security in the abstract, potential loss of client data, a new product secret on the open market, an executive who sends things in email that should not even be said aloud. The real risk, however, is no less catastrophic than a fire that burns a warehouse to the ground or a complete collapse of the stock price. Previously data theft was mostly about money, a break-in to the cash drawer. Now brand reputation and corporate trust are targets. It is not a stretch to suggest that we will soon see black market Data-Breech-as-a-Service hackers employed to give unscrupulous competitors an unearned advantage.
Add to the risk new security threats that can come with virtualization. Virtual networks can be more secure, theoretically, but they rely on the standards of the cloud space. Although we have not seen reports of it yet, it is technically possible for a breach of one virtual machine on a server to be used to open the door to an attack of the physical machine’s hypervisor, thereby threatening all VMs sharing space in the cloud. The best cloud providers will have security enforcement at the hypervisor level, but how well the provider isolates VM guests is just one more consideration.
Lessons from the DNC
Data security for 2017 is a full-on effort. Your company has responsibility for internal data security. Clear data security policies are critical. It is essential to set standards for network access and email communications. Once those policies are in place, they must be vigorously enforced at all levels.
It is no longer acceptable to have good enough security on your data network. A combination of hardware security like zone based isolation and firewalls can be combined with virtual security for in-house networks. Most offices will be adding equipment with embedded sensors connected to their networks. With the addition to networks of IoT technologies like lighting, climate control and even appliances, which are not built with enterprise level security in mind, zone boundaries are increasingly important, even for cloud-based systems. These potential security weaknesses need to be isolated from critical data channels. Cloud providers themselves may represent hidden risks. Selecting a cloud host is much more than price and bandwidth shopping.
The best time to think about network security is now. Solutions are available, and because of the industry-wide shared challenge, innovation is ongoing. Organizations that ignore network security will surely pay a price. Even a solid security plan should have regular, scheduled reassessment. The threat is real, and it is not going away.
Frontier Computer Corp. is your IT solution provider. Contact us today for help with network security, to virtualize your network, or to keep your secure network running smoothly.
Contact FrontierUS at 866.226.6344.
Frontier Computer Corp. is a leader in providing IT solutions worldwide.
