The pattern of network and internet usage today is undergoing a tremendous shift that is nothing short of a lifestyle change, demanding a transformation in security capability.
At the root of this shift is the gigabit-speed internet that is reaching users, driving them to change how they access the internet and what they do with it. Users are bringing multiple devices and a variety of always-on applications into organisations, and they are placing enormous pressure on security devices. The question that arises is: what does it take for security devices to keep pace with the shift?
Gigabit internet speeds and rising generic threats
Nations across the globe, along with initiatives from global tech leaders such as Google (Google Fiber FTTH), are all set to bring affordable high-speed internet within reach of households, enabling data to move at 100 times the current internet speed.
This massive data speed will now allow SOHO-SMBs to adopt, for the first time, solutions such as ERP, CRM, SCM and Google Drive that had once been the preserve of enterprises.
At the most basic level, there exists a direct equation between high-speed internet and the rise in security incidents. The higher the traffic, the higher the volume of threats. So today, we find generic threats in the form of packet sniffers, malicious code, phishing, viruses, Trojans and more, entering the network through susceptible applications and devices, compromising data and resources.
Buoyancy of BYOD, a growing threat
With organisations adopting a BYOD (bring your own device) policy, network traffic now encompasses traffic from multiple devices belonging to a single user, from within the network perimeter or outside it, accessing data stored within the network or in the cloud. This multiplies network security complexities many times over.
Employees are bringing devices otherwise used to access personal data (laptops, tablets and smartphones) to the workplace, and accessing the internet, systems and data through each of these devices. Using these mobile devices, which are fraught with risks in the absence of adequate security mechanisms, employees are accessing a range of the organisation's systems and resources in the course of their work, leaving corporate networks highly vulnerable.
Multiple OS – multiplying vulnerabilities
Where they once dealt with a single operating system, security solutions in today's BYOD scenario face the complex situation of overseeing between two and five operating systems across multiple devices, while the vulnerabilities of each operating system accumulate on the network as threats. The attack surface is expanded considerably, with attacks looking to exploit any vulnerability present within the OS, the applications, and even the people using these devices.
The rise of apps
The many business solutions being adopted by SOHO-SMBs are today accessible through apps on their mobile devices. The presence of the same app on different devices, which executives use interchangeably depending on whether they are in the office, on the road, or with clients, raises the need to keep the session alive and to synchronise the status with the cloud and the other devices. All this traffic is taking its toll on the network and security.
The rise of application threats
The rise in personal and business applications on devices has led to a rise in application threats. Many malicious applications carry security lacunae, leaving devices vulnerable to new forms of application threats, exposing organisations to higher levels of risk.
Further, given the always-on nature of devices and constant access to the network, it is with little delay that attackers gain access to the network and the cloud through compromised data.
Next-generation UTM appliances are the future
With gigabit internet speeds, multiple devices and multiplying applications expanding the current volume of threats and introducing a whole new range of threats to small-to-medium businesses, a quantum shift in security fundamentals has become critical.
The high-speed networks of these SMBs require network security devices that function at gigabit speeds with deep packet inspection. These capabilities are necessary to prevent these in-line security appliances from becoming choke points rather than high-speed check points.
Identity forms the foundation of intelligent security today. With the same user handling multiple devices with applications that are always on, the user is no longer synonymous with the device today. Security devices that are capable of identifying the user and the device become necessary to secure the organisation, its data and network.
In addition to Layer 7 application security, Layer 8 human security becomes critical. Thus, today's network scenario demands next-generation UTM appliances with multiple intelligence comprising user, device and application identity in addition to context and content intelligence.
Such intelligence holds the key to next-generation security. By providing such critical security, the next-generation UTMs can enable SOHO-SMBs to leverage high-speed internet and the numerous business applications to enhance productivity, gain customer trust and build expanding businesses.
Abhilash Sonwane Sr is vice president of product management at Cyberoam
Cyberoam is exhibiting at Infosecurity Europe 2013 held on 23rd – 25th April 2013 at Earl's Court, London. The event provides an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise. For further information please visit www.infosec.co.uk