You’re concerned about your organization’s data center, cloud, and overall data security, as you should be. New breaches are being reported on daily, and the breaches that are being reported on are a mere tip of the iceberg of successful incursions and hacks. The damage to the finances of organizations, their reputation in the marketplace, and the careers of those overseeing their security can be significant.
Successful, Sophisticated Phishing Expeditions: Email remains a significant threat vector. Successful people in important positions continue to click on links and/or take marching orders from emails planted by bad actors. They shouldn’t be embarrassed, as the level of sophistication in spoofing is off the charts.
Threats picked up via email are tough to completely avoid, as the sheer volume of email is daunting for many professionals, and the busier you are, the less likely you’re going to be carefully examining your email, increasing the chances that a phishing expedition will be successful. When you get 250 emails a day and are trying to get through a few before your next meeting it is easy to quickly make a wrong move. Continuing to educate your people on the latest tactics used to illicitly gain access to credentials is a must, as are the proper tools to screen for risk and mitigate the damage when your network infrastructure is compromised.
Is it the Right Solution…and Properly Functioning? When the damage of a potential data breach is so significant, are you ready to fully trust a single vendor to protect you? Questions to ask yourselves about your vendors:
- Was every representative of the vendor fully honest with us in the sales process on every single question? Is it possible that motivation to gain our business resulted in any less-than-honest answers from somebody in the process?
- If they were completely straightforward, did they fully understand our questions and concerns, and work to optimize the protective aspects of their solution to our unique needs?
- Do we fully understand all the features of the product or service and are we optimizing those features?
- Are all features turned on or were some disabled during the integration process, dumbing down the product to make the integration go more smoothly?
These may seem like basic questions but you may be surprised at how frequently the answers to these questions are not what the buyer would like them to be.
Value in a Multi-Vendor Approach: Let’s consider some issues that suggest the sensibility of a multi-vendor approach for your security:
- Anti-Virus/Anti-Spam: Consider a different vendor for your edge anti-spam/anti-virus from what you run on your desktop. New threats are always emerging and the speed and effectiveness of patches varies. A multi-vendor approach provides an additional level of protection in an area that is badly needed.
- Separate the Intrusion Detection/Prevention: It may be sensible to utilize different intrusion prevention system from your anti-virus vendor. The “zero day” hacks (Java, Flash, etc) are a big race for vendors to say they patched it first, and it’s not always the same vendor that gets the fix in first. Some vendors do better with some vulnerabilities than others. So, the difference can be as much as 24 hours between when the first vendor got their fix out and when you got yours.
- Cloud, Colocation, and Data Center Services: Providers may claim achievement of compliance standards that they don’t quite have and it is not a rare occurrence for a vendor to have a certification taken away. If e-commerce transactions are an important part of your IT infrastructure and you lose PCI-DSS, where does that leave your company? This is just one “happened in real life” example that you need to be prepared for.
- Avoiding Vendors as a “Single Point of Failure”: Best practices in IT infrastructure architecture demand avoidance of single points of failure. Is there a vendor involved in your security and protection that is a potential “single point of failure” for you? If so, this may speak to the value of a multi-vendor approach.
Have Some Uncomfortable Conversations: Uncomfortable questions should be asked within your organization for the purposes of determining what Plan B is. Those same challenging questions should occur with your vendors, and while they’ll likely be told your concerns are unwarranted, there is wisdom in conducting a thorough review of your vendors, your internal processes, and your potential single points of failure.