Welcome to the fourth blog in our special series, Mitigating Gartner’s Network Security Worst Practices (a complimentary copy of Gartner’s research, Avoid these “Dirty Dozen” Network Security Worst Practices is available for viewing from AlgoSec’s website.)
Welcome to the second blog in our special series, Mitigating Gartner’s Network Security Worst Practices (a complimentary copy of Gartner’s research, Avoid these “Dirty Dozen” Network Security Worst Practices is available for viewing from AlgoSec’s website.)
Over the course of more than 3,000 client interactions in the past year, Gartner has observed several common network security "worst practices." The result is this great research paper titled “Avoid These "Dirty Dozen" Network Security Worst Practices”, and a complimentary copy is available to you on the AlgoSec website.
Managing ever-growing network security policies is not getting any easier. We are facing more threats, greater complexity and increased demand for both security and application connectivity. However, many companies are failing to update their approach to security policy management to keep up with these challenges. In my years of interactions with companies across pretty much every geography and industry vertical (many of which have become AlgoSec customers) I’ve identified what I call the “Seven Deadly Sins” of security policy management. I am sure none of them take place in YOUR organization (fingers crossed) but in just in case you want to help err… a friend… read on, and check out this new Infographic:
For years, organizations have focused most of their network security efforts on the perimeter. First there were firewalls, then intrusion prevention systems came along followed by web proxies, and recently advanced malware detection (AKA sandboxing) solutions. This perimeter-focused approach is often referred to as the M&M Strategy – a hard crunchy outside and soft chewy inside. The problem of course, is once hackers successfully penetrate the perimeter of the network or the data center, (and let’s face it, this has not been a rare occurrence in recent years) there is very little restriction of lateral movement between servers in the data centers.
One of the more interesting phenomena I have observed when working with companies on their network security challenges is that every company feels that their challenges are unique. While this is true to some extent, there are many more similarities than differences between companies. One such similarity is the existence of “Network Ned”.