Subscribe
About
  • Home
  • /
  • IOT
  • /
  • Taking security beyond the perimeter

Taking security beyond the perimeter

As cyber criminal attacks become more complex, traditional north-south security is no longer enough. Modern security must also have an east-west component.
Sameh Ahmed, senior channel solutions architect: Middle East, Turkey and Africa, Infoblox.
Sameh Ahmed, senior channel solutions architect: Middle East, Turkey and Africa, Infoblox.

Although security requirements continue to grow as cyber crime becomes increasingly rife, security itself is also changing. The traditional north-south approach to company security has been forced to evolve in today’s cloud-focused world.

In other words, says Sameh Ahmed, senior channel solutions architect for Middle East, Turkey and Africa at Infoblox, we are seeing a shift from focusing on north-south traffic – where information enters or exits the data centre – to east-west instead.

“East-west traffic is when data is flowing between devices within a data centre, and has become increasingly vital, with the adoption of private cloud, software-defined networking (SDN), microservices and cloud native applications. As this traffic has dramatically increased, so its security has become a greater concern, with some organisations having completely overlooked the east-west aspect of their security architecture,” he says.

“Remember that once malware gets inside the network, traditional network security methodology won’t be able to do anything to prevent it causing havoc. This is why it has become critical for companies to conduct a proper assessment of its assets and devices, to ensure it can protect itself in all directions from potential threat actors.”

To this end, explains Ahmed, it is critical to have deep visibility into east-west traffic, as this will position the enterprise to be able to block malicious lateral movement inside the network. The best approaches here, he continues, are by utilising micro-segmentation and zero trust architecture for protection, and an east-west traffic assessment to help you gain a clearer insight into your virtual network.

“Micro-segmentation makes it more difficult for malware that does make it into the network to cause major damage, as each segment is secured separately. Furthermore, with disruptive technologies like multi- and hybrid clouds, software-defined wide area networks (SD-WANs), the internet of things (IOT) and the explosion of connected devices, a zero trust approach to security is now essential,” he suggests.

“Implementing zero trust is necessary to protect your data and it achieves this by: continuous validation with regard to who has access to this data; categorising and understanding sensitive data; considering how data flows can create micro-networks; delivering comprehensive visibility, assessment and analysis of your network activities.”

He cautions that most cyber attacks happen not because security tools don’t work, but because attackers find a way to get into the network through the tools that are already in place.

“The real issue is that many criminals, once inside your network, adopt what is referred to as the ‘low and slow’ approach to data theft. By only taking little nibbles at a time, they can avoid detection for far longer. It’s a bit like having a leaky pipe under your sink – if you’re losing a drop an hour, it won’t be noticed, but will amount to a lot of water over the course of a year.

“For this reason, it is essential to continuously assess people, processes and technologies within the business. You should create roles and responsibilities, improve visibility, eliminate gaps between teams, and finally, continuously test and review your architecture and policies.”

Ahmed explains that further challenges include the IOT and the concomitant explosion of connected devices which has dramatically increased the attack surface of organisations, even as the networks have become borderless and perimeter-less. In addition, he points to the challenge of shadow IOT, which are the active IOT devices or sensors that are inside the network without the visibility and knowledge of the business.

“With branches and remote users directly connected to the internet and connecting to the organisation from the cloud and via remote work applications, it is more crucial than ever to have security and protection everywhere. This, ultimately, means securing devices, securing connections and securing your network – both from north to south and from east to west,” he concludes.

Share