Security policies are designed to provide protection for organisations and their employees by standardising the rules and processes that are in place to protect against threats to data integrity, availability, and confidentiality.
ITWeb Security Summit 2022 JHB: 31 May - 2 June; Cape Town: 6 June
The annual gathering of cyber security decision makers will feature experts from across the globe, who will discuss the most critical issues facing businesses today. Book your seat now to get up to speed on cyber security trends, solutions and best practices.
For Joburg, go here.
For Cape town, go here.
This is why in order to be effective, security policies need to be kept up to date and relevant, which unfortunately does not always happen.
In addition, architectures that were designed 20 to 30 years ago, are not catering for the demands businesses have today.
So says, Tinus Janse van Rensburg, regional manager, channel and MSSP Africa, Netskope, who will be presenting on, “Why security policies can't be a point in time benefit, they need to be always anywhere”, at the ITWeb Security Summit 2022, to be held at the Sandton Convention Centre from 31 May to 2 June.
"The average user has over 56 applications on his or her mobile device," he says. "Now imagine companies with managed laptops and endpoints, and try and secure all of this too. Legacy architectures such as firewalls, proxies, VLAN’s and VPN concentrators only control access and applications when the specific device or user traffic is passing the specific technology.”
Janse van Rensburg says this is a complete failure and when clients adopt cloud provider applications, such as SAP, Oracle, MSFT, Google Email, 0365, Onedrive, Slack, Teams, Zoom and more, we need to be able to control our users, behaviour and risk at all times, not just at a single point in time.
I would like to encourage clients to slow down and be more effective in the way they approach security.
Tinus Janse van Rensburg, Netskope.
Speaking of how this could be managed better, he says: “The foundation for cyber security is confidentiality, integrity and availability, or CIA. It has been this way for the past 20 years, and is still the foundation. Clients just need to validate if the technology and architecture currently in place still address and meet these requirements.”
When looking at the current state of security effectiveness and amount of compromises we see globally, he says it's evident that we have to be better at what we do, not just from a vendor perspective, but as a whole. “The only way we can achieve this is to validate our current status, reset and take on the next few month effectively together.”
During his presentation, Janse van Rensburg will share how to deploy security policies anywhere the user travels, and will discuss how all leading security vendors will be driving these capabilities in the near future.
“I have over 20 years experience in more than 25 countries. This will be an open, easy discussion about what has changed. I would like to encourage clients to slow down and be more effective in the way they approach security. The market is pushing in so many directions, I think users’ heads are spinning and vendors are not making it any easier.”
Share