The need for full control of an organisation's security protection is increasing. Adequate alert automation and blocking strategies must be in place to avoid cyberattacks, hacktivism or even espionage in light of the increasing number of remote workers using apps on their organisation's network.
A recent ITWeb / Infoblox Network Security survey found approximately a third of the participating businesses had over 20% of their staff working remotely.
Conducted online during May 2017, the survey asked how new devices on an organisations network is tracked, at the same time how remote access to apps is both managed and kept secure.
Almost 40% of respondents indicated their IT department manages between 1 to 10 apps, with a further 30%, coping with up to 50 different apps.
"We are seeing a trend in the network security industry with customers consolidating the number of apps that are allowed onto their network," says Rene Bosman, Manager - Infoblox Africa.
Outside the firewall
Respondents were asked what percentage of users are currently working remotely outside of the firewall and the office. The finding is quite evenly split: 35% estimated it was less than 10%, 30% said it was between 10-20%, while the remaining 35% reckoned it was over 20% of the staff .
"The results do not surprise us, although many organisations and customers would like their employees to work remotely, often the organisation is not equipped for this and doesn't have the right HR policies in place," Bosman says.
The survey also found digitalisation is happening at a rapid pace within South African organisations, requiring the prioritisation of their network security strategies. Bosman believes South African organisations lag behind the rest of the world.
Just over half (51%) of the respondents indicated that most of their organisation's daily engagement with customers is conducted through digital channels, including e-commerce and mobile apps whereas a third said they had gone almost completely digital when engaging with customers.
"The impact of not having automated tools and alert systems in place is that unidentifi ed, rogue and infected devices come into the company's networks," Bosman warns, adding traditional security solutions like firewalls will not identify and pick up possible new device risks. Almost 60% of respondents cited they use automated tools to alert them of new devices going on to their network.
Priority alerts required
Surprisingly, more than half of organisations are still prioritising security alerts manually.
"More and more organisations are implementing a Security Information and Event Management system (SIEM). This helps drive down the time to mitigate a security threat and risk, reducing the time to 'kill the chain'," says Bosman.
Most security solutions work with 'threat intelligence', data that will keep their systems protected against new and evolving threats, he continues.
"This is not a 100% guarantee and it's important to select the threat intelligence feed that generates the lowest amount of false positives and also protects against new zeroday attacks."
DNS down means business is down
Nearly half of respondents are confident they can quickly stop cyberattacks so no further damage is done, with 11% believing they can do it extremely quickly. A further 19% stated their reaction time is somewhat slow and 9% admitted it was extremely slow.
"Over the past 20 years, most organisations have implemented several layers of security systems, starting from endpoint security to next generation firewalls," says Bosman.
Today, the number one attack vector is DNS and unfortunately traditional DNS systems are easy to exploit, he notes. "These DNS-based attacks not only disrupt an organisation's business, but are also used to extract sensitive data. Without a secure DNS in place, organisations are at risk by this type of threat."
Bosman concludes: "Shutting down DNS means organisations are no longer able to communicate and with more apps based in the cloud we rely on the DNS system. This is why organisations require secure DNS solutions in both identifying and mitigating these threats."
About the survey
The 2017 Network Security Survey was run online on ITWeb for two weeks in May to gain insight into the networking security strategies of SA organisations.
It set out to find, among other things:
1 How many infrastructure devices are deployed within an organisation;
2 What percentage of users are remote;
3 How organisations discover new devices on their network.
Who responded
* A total of 154 responses were received for the Network Security Survey.
* 24% of respondents are CEOs or MDs and 38% are in middle management.
* 41% of the sample comes from the small business sector (under 100 employees), while 23% are from companies with over 500 employees, and 17% are from large multinationals.
* All major industries are represented, with the IT sector comprising 38% of respondents.
Share