Over the past couple years we’ve seen digital privacy take the world by storm. Recent revelations about government snooping, data breaches releasing personal information, mobile apps tracking your every move, social media sites exposing your personal life for their gain, etc. shows why digital privacy has become such a huge concern for anyone utilizing the internet today.
As we found out in our recent survey, network security and data security are the two most challenging security functions to migrate to cloud environments. Specifically, the problems highlighted in survey respondents include:
Exciting news from AlgoSec this week: we announced our solution for unified security policy management across hybrid cloud infrastructure. This is a key component of our “managing security at the speed of business” vision and supports our mission to automate security policy management in evolving data centers and networks.
Following on from his recent Security Management 201 video which provides some key tips to help you easily define, simplify and enforce network segmentation and security zoning, Professor Wool has now produced a new video on how to structure your security policy in a segmented network.
You’re in no doubt familiar with Virtual Local Area Network (VLAN) technology and its ability to segment traffic within your network. It’s one of those decades-old technologies that businesses have come to rely on to reduce costs, minimize network broadcast domains, and protect certain systems from others. It sounds good on paper but it’s rare to see a VLAN environment that’s truly configured in the right way in order to realize its intended benefits.
Continuing our recent focus on network segmentation, this week's network security tip comes from Charles Riordan, Managing Consultant at Check Point:
“Build and deploy “for-purpose” specific security gateways based on a security zones approach, taking in zones’ access of greater trust the deeper one gets into the architecture. Look for and implement monitoring of these gateways from a security/compliance posture (status) in a 24×7 paradigm with alerting and reporting capabilities. Only deploy specific functional protections – thus eliminating over-use of resources, etc…”