Top 5 network security pitfalls putting your company at risk

Despite a growing awareness of the threat posed by cyberattacks, many companies fall foul of common pitfalls when implementing their security strategies. We look at five security issues leaving your business vulnerable to attack

  • By Andrew Lintell, Regional Vice President (Northern EMEA), Tufin | Wednesday, April 25th, 2018

From a management perspective, businesses need to have visibility in their application connections in order to understand the effects that could accompany any network policy changes

In a world where high-profile data breaches have become the norm, cybersecurity has quickly become a top priority for organisations of all sizes and industries. Barely a week seems to go by without news of another cyberattack hitting the headlines, prompting businesses to invest heavily in next-generation technologies in an attempt to protect their infrastructure and keep their confidential data secure.

One way of ensuring that organisations have the right safeguards in place is through the adoption of robust network security policies. These rules ensure that only the right people have the right access to the right information, putting the organisation in the best possible position to prevent breaches from occurring.

However, there are several common pitfalls that businesses can fall foul of when implementing their security policies. Here are five of the most prominent that could be leaving your business vulnerable to cyberattacks:

Not having a full perspective of the network
Arguably one of the biggest mistakes a company can make when configuring its network security strategy is to attempt to put policies in place without first gaining full visibility of the network.

Today’s enterprise networks are vast and complex, and organisations often struggle to gain full visibility. This hinders their ability to put strong policies in place and can have a negative effect when making necessary changes to policies across the entire network. Put simply, if one policy is changed it may inadvertently reduce security elsewhere.

Cyberattacks are becoming more sophisticated than ever and new variations of both known and unknown threats are being discovered at an alarming rate

By incorporating a centralised solution that looks across the whole technology architecture, staff can manage all corporate policies through a single console and see the potential implications of policy changes before they are made. You can’t manage what you can’t measure – so start with visibility.

Disconnected network security policies
This one may sound obvious, but having network security policies in place is self-defeating if they inhibit the business they were intended to protect in the first place.

Businesses are sensitive to the fact that they need to comply with measures to protect critical assets but, if that prevents them from using the applications essential to getting the job done, they will find ways around these policies.

The solution is to provide visibility into how application connectivity is maintained in coordination with underlying network security policies. This approach ensures the business and security teams are always in sync and aligned to the end goal.

From a management perspective, businesses need to have visibility in their application connections in order to understand the effects that could accompany any network policy changes.

Leaving holes unplugged 
Cyberattacks are becoming more sophisticated than ever before and new variations of both known and unknown threats are being discovered at an alarming rate. For example, 18 million new malware samples were discovered in Q3 2016 alone – equal to 200,000 per day – and ransomware attacks on businesses reportedly increased three-fold between January and September, 2016.

This means organisations must keep their network policies up to date by carrying out regular patches and system analyses. This requires a centralised management system that looks across the whole IT environment.

Hackers are constantly on the lookout for vulnerabilities, meaning no company, irrespective of size or industry focus, can afford to leave holes unplugged.

Rigid practices
Striking the right balance between security and convenience is not an easy task, but it remains key to ensuring policies are adhered to. Any procedures that significantly hinder an organisation’s agility or an employee’s ability to do their job will likely result in them being overlooked or ignored.

Hackers are constantly on the lookout for vulnerabilities, meaning no company, irrespective of size, can afford to leave holes unplugged

The other danger is that staff will find workarounds, which can potentially have serious security and compliance implications. This is where ‘shadow IT’ – employees using applications at work without the company’s knowledge or control – comes into play. According to one poll, 78 percent of IT professionals said their end users had set up unapproved cloud services – each of which can represent a potential unmanaged risk.

It is essential organisations have tools in place that allow them to easily adhere to, and manage, security policies. Anything that forces people to drastically change the way they work, or results in an organisation’s lack of agility, is counterproductive. Increased security coupled with business agility is the ultimate goal.

Overlooking automation
As the complexity of virtually all areas of network security and compliance has increased, automation has become a central component of an effective strategy. There are now simply too many change requests being made to increasingly diverse networks for security teams to keep track of all of them manually. Automation is an essential tool for keeping pace with this degree of change and complexity, helping to reduce human error and, in turn, the exposure of the business.

Finally, automation has a key role to play in network security policy management and compliance. Policy-driven automation ensures that an organisation is compliant with internal and industry guidelines at any given point in time. However, it also means the control plane can be adjusted at policy level and then implemented immediately across the network, further lifting the security level, when required, through adjustment.

By connecting security to operations in this way, companies can vastly improve their resistance to constantly evolving threats. This is a critical point in making a tight security posture a reality all the time, rather than simply “better” for a moment in time.

Network security operations can turn to policy-based automation to reduce complexity, increase visibility and free up resources to focus on more complex tasks to improve operational efficiencies that directly impact the bottom line of a 21st century business.