Security Threats: 5 Common Network Blind Spots
Perimeter defenses, while still necessary, are no longer sufficient in the face of this once inconceivable, but now irrefutable, reality: Breaches will occur. Where cyber attacks of the past were intentionally grandiose and overt, today's attackers more often prefer to move low and slow, creating command and control channels through which to steal valuable information over long periods of time while remaining undetected.
With these changes, a new security paradigm is emerging, one that charges security and network professionals not only with keeping threats out, but also with gaining and maintaining visibility over what's already inside their networks. However, the increasing complexity of networks creates blind spots that make seeing these threats more difficult than ever. What's more, these blind spots are caused by a number of factors and often create bottlenecks that can degrade network performance.
1. Enterprise Mobility
Enterprise mobility has created blind spots in two ways – the massive increase in traffic hitting mobile infrastructure and the number of new devices popping up on the network. While the high volume of traffic caused by mobile devices is certainly an issue, the much larger problem is the new threat vectors created by mobile devices, and the fact that many networks do not or cannot monitor their activity.
2. Encrypted Traffic
SSL-encrypted traffic is a fast-growing portion of all enterprise traffic. According to an independent study done by NSS Labs, anywhere from 25 to 35 percent of enterprise traffic is encrypted with SSL, and that number is only growing. While inline devices like firewalls have integrated SSL support, out-of-band monitoring, performance management and security tools often do not have that ability, or if they do, they cannot use it at speeds that avoid dramatically reducing network performance.
3. Rise of Virtualized Infrastructure
Enterprises struggle to monitor virtualized infrastructure compared with physical infrastructure, and its proliferation and ability to scale rapidly intensify this problem. Combine that with the ongoing drive to adopt SDN frameworks, and the disruption that drive has caused in the data center, and it's easy to see where blind spots are created.
4. Internet of Things
The Internet of Things is putting more devices onto networks, and these devices are talking. In the popular imagination, the Internet of Things is smart thermostats and refrigerators, but in business, especially in manufacturing, the Internet of Things can mean any number of connected devices. And not all of these devices are the latest and greatest hardware. It is extremely difficult to ensure that all devices are accounted for and monitored. Additionally, the older systems that are difficult to monitor are also the ones that are most at risk of breaches – think SCADA systems in the energy sector.
5. Shadow IT
There's a simple saying – you can't secure what you can't see. Shadow IT comes into the enterprise as an unknown and, in many cases, stays unknown. While Shadow IT is perhaps best thwarted by more proactive and transparent communication between IT departments and line-of-business managers, it still needs to be dealt with by administrators who need to track and monitor applications and services.