Network Security Prioritization in the Age of Cloud, Mobile Computing & BYOD

By Matt McKinley, US Director of Product Management, Stonesoft

The MSP Alliance welcomes a guest post from Stonesoft, Inc. (www.stonesoft.com), a global provider of network security solutions to MSSPs, enterprises and government organizations. 

“If I could only do a few things to secure my network, what should they be?”

It’s a question I hear often, and rightfully so. CISOs (and the MSSPs that work with them) are drowning in risk. BYOD and the cloud have decentralized security, and we are only just beginning to see the impact of mobile computing across the enterprise. Where do you even begin?

While there are no silver bullets to security, there should be a sense of prioritization. Most networks have the basics covered by installing firewall and IPS solutions. So, let’s go beyond that. Here are six things – at a minimum – that every network security strategy should address:

1. Inventory network access. Maintain an inventory of all systems connected to the network and the network devices accessing them.
2. Continuous, real-time monitoring. This is a no-brainer. If you can’t monitor realistic volumes of traffic in real-time on a continuous basis, then you’ll be victim to hindsight rather than protection.
3. IPv6 readiness. Be more than IPv6 ready – be IPv6 confident. Don’t rely on vendor claims; instead, make sure your firewall/NGFW can handle realistic volumes of IPv6 traffic.
4. Segment your network. All data is not created equal. And, treating all data and systems like they’re worthy of CIA-level protection is an expensive approach. Your network should be segmented to deliver higher protection to certain types of data versus others.
5. Secure cloud access. BYOD isn’t a passing trend; it’s here to stay. That means the number of devices outside of your immediate control that are accessing cloud-based information will only grow. Deploying multi-factor authentication will protect remote access to the cloud and minimize the risks associated with lost mobile devices.
6. Centralize network device monitoring and management. The biggest risk to your network is human error and complexity. Being able to centrally manage, monitor and configure devices across the network is one of the most effective ways to increase security.