Guarding IT security infrastructure

By Martin Hodgson

It’s a 2,000-year-old question, and as relevant to today’s IT security landscape as it was in Juvenal’s time: Who will guard the guards themselves?

We think of security infrastructure as our guardian against the dark powers who would infiltrate our network and steal our most sensitive secrets, but there’s danger in putting too much trust in technology without overseeing these tools.

Relying on firewalls and antivirus (AV) monitoring alone isn’t enough to counter today’s sophisticated, well-resourced cybercriminals. Security now depends on a holistic approach – one that not only identifies all the potential hazards but also links different security systems (both physical and logical) and manages the relationships between them.

That doesn’t mean that traditional technologies such as AV and intrusion detection are no longer useful. Rather, organisations should be aware that not all threats are external in origin or criminal in intent. They include malfunctions from poorly configured devices and applications, threats from shadow IT such as employee-owned devices, and disasters such as fires and floods.

That’s why a monitoring and early warning system is such an important element of any serious security strategy. By monitoring all critical components, from firewalls to CCTV, antivirus to environmental sensors, organisations can spot the first signs of impending problems before a crisis occurs.

Our own security systems require their own safeguards, and this “meta-security” should incorporate five elements. First, organisations need full control and oversight of their security tools to ensure that firewalls are properly configured, backups are regularly and fully undertaken, and threat detection is identifying suspicious activity on the network.

Next, they need backup systems in case conventional tools fail. We are already seeing this in new Identity and Access Management tools which work by detecting unusual behaviour, rather than scanning for known malware signatures.

Businesses also need the ability to monitor system performance in real time, including all hardware, software and data streams. This shouldn’t just focus on security infrastructure, but on everything that affects employees’ ability to conduct their work.

Similarly, any monitoring system should watch over physical sensors, including CCTV, and notify the business when defined thresholds have been exceeded.

The final element is the ability to draw all these disparate monitoring systems into one clear, easily understood whole, rather than a set of separate solutions. This clarity is essential if you are to gain a holistic picture of your preparedness.

Where can you buy such a multi-faceted security monitoring system? The answer is that there is no out-of-the-box solution – nor should there be. Each organisation is unique in its infrastructure mix and the threats it faces, so a one-size-fits-all approach won’t work.

What’s important is to build a monitoring solution that possesses all the necessary functions to monitor the entire IT infrastructure, including as many of the common protocols as possible: SNMP, Ping, FTP, HTTP, NetFlow, sFlow, jFlow, WMI or packet sniffing. It should also connect every device and application via a well-documented API, which is straightforward to achieve.

Can we guard our guardians? Of course we can. The barrier is not technological; all it takes is the will to take security seriously.

Martin Hodgson, Head of UK & Ireland, Paessler – PRTG Network Monitor
