The world of IT security is rapidly evolving. As quickly as new technologies emerge, the digital underground develops a new scheme. The pressure to trim costs must be balanced against the cost and harm of a data breach.
With high-profile information thefts from educational institutions and government agencies making the news, managers are realizing that it is not enough to simply padlock the front door to their networks; they also need to put a watchdog on their database to detect and prevent breaches – both internally and externally.
When it comes to network security, 2009 is all about efficiency – finding technologies that are easy to manage, user-friendly and make it possible to do more with less. Functionalities that have been traditionally reserved only for large enterprises are becoming available to mid-sized organizations.
The start of a new year is a good time to conduct a security check-up, review the measures already in place, learn about newly available technologies and emerging security threats, and ensure proper regulatory compliance for the future. These operational security standards vary greatly among governments, and may require security appliances to hold federal or industry level certifications.
Canadian threatscape
Government agencies are susceptible to the same threats as other users. Network threats come from external sources, but can also be introduced internally by laptops, USB keys and smartphones. Education and awareness about potential security threats and trends are paramount to resisting attack. One of the most prevalent threats is information theft or database siphoning. Successful attacks are often widely publicized no matter how insignificant the breach.
A security flaw in Passport Canada’s website brought the reality of database attacks to light in 2007. The breach allowed users to easily view other applications – including SINs, dates of birth and driver’s licenses – by simply altering one character in the Internet address displayed in the web browser. This could have been prevented through proper coding practices. Although little harm was done, there was great publicity.
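The flaw described above comes down to a record lookup that trusts the identifier in the address without checking who is asking. As an added illustration (not Passport Canada's code; the function names, record layout and IDs are constructed assumptions), the flawed lookup is shown beside one that binds each record to the authenticated session:

```python
# Added illustration: object-level authorization for a record lookup.
# All names, ids and records below are constructed for this example.
import logging

log = logging.getLogger("appstore")

# Constructed sample data: application id -> record with its owning account.
APPLICATIONS = {
    1041: {"owner": "alice", "name": "Alice Example", "dob": "1980-01-01"},
    1042: {"owner": "bob", "name": "Bob Example", "dob": "1975-06-15"},
}


class NotFound(Exception):
    """Raised for missing AND unauthorized records, so ids cannot be probed."""


def get_application_vulnerable(app_id):
    # Flawed pattern: the id from the URL is the only thing consulted,
    # so changing 1041 to 1042 returns another person's record.
    return APPLICATIONS[app_id]


def get_application(session_user, app_id_raw):
    # Hardened pattern: validate the parameter, then tie the lookup to the
    # authenticated session rather than trusting the URL.
    try:
        app_id = int(app_id_raw)
    except (TypeError, ValueError):
        raise NotFound() from None
    record = APPLICATIONS.get(app_id)
    if record is None or record["owner"] != session_user:
        # Log the mismatch so id tampering shows up in monitoring.
        log.warning("denied: user=%s requested application=%r",
                    session_user, app_id_raw)
        raise NotFound()
    # Return only the fields the page needs, never the ownership metadata.
    return {k: v for k, v in record.items() if k != "owner"}


def readable_ids(session_user, ids):
    # Regression check for defenders: which ids can this session read?
    readable = []
    for i in ids:
        try:
            get_application(session_user, i)
            readable.append(i)
        except NotFound:
            pass
    return readable
```

Running `readable_ids` for each test account against a range of identifiers is a quick regression check that no session can read a record it does not own.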
There are a multitude of more complex and nefarious vectors lurking in today’s threatscape.
As Web 2.0 use increases, vulnerabilities multiply, requiring better web application security solutions and data leakage prevention mechanisms – to prevent inadvertent release of proprietary information, resist attacks, and prevent employees from bringing back tainted data into the corporate network. Moreover, as more groups such as the University of Ottawa’s Canadian Internet Policy and Public Interest Clinic advocate mandatory reporting of data breaches to a public registry, organizations will increasingly need to deploy security applications that shore up their potential security risks and allow for easy reporting.
Evolution of technology
Securing a network isn’t as simple as choosing the latest piece of equipment; rather, it demands a customized approach that holistically considers the type of data your organization deals with alongside user habits and compliance requirements.
There are many layers in the selection process that need to be considered before investing capital to acquire a new solution or upgrade an existing system. One of the most popular movements has been the rise of an integrated approach to network security. In the past, organizations have relied on a number of different point-solution appliances and vendors for each individual security need, leading to management headaches and compatibility issues. Consolidated security appliances, however, integrate multiple security features – like network firewall capabilities, network intrusion detection and prevention and gateway anti-virus functionality – into a single hardware platform. More advanced systems incorporate security-specific ASICs within the network security platform for performance advancement and also offer real-time security subscription services along with a suite of management, reporting and analysis products.
This layered approach, chosen for its adaptability, increasingly forms the backbone of many enterprise, MSSP and carrier security solutions. Integrated network security appliances have also become well-known for being a simple, cost-effective way to enhance existing data networking capabilities, especially because they are scalable – meaning it’s fairly simple to turn functionalities on and off or add additional hardware to meet the growing needs of your organization. The consolidated security market is undergoing rapid expansion, as evidenced by the latest IDC Quarterly Worldwide Security Appliance Tracker, which states that this style of layered security appliance now holds 58 percent of the market share – outgrowing traditional firewall/VPN appliance sectors – and was worth an estimated US$2 billion in 2008.
Beyond choosing the right framework for network security, it is imperative to consider the features that accompany the security appliance.
- IT has revolutionized business communications, providing an unmatched blend of reach, scalability, timeliness, efficiency and overall effectiveness. To protect these vital tools, security should not stop at the perimeter. Organizations need to consider a comprehensive security portfolio that addresses database, email, client and mobile devices in addition to traditional network security solutions to protect against a diverse, overlapping and ever-expanding array of threats.
- Look for a security appliance capable of reassembling packets and scanning data in real-time, without compromising network speed and detection quality. With the rising adoption of 10GbE throughput, organizations will need to ensure that their security protocols work at the speed of the network without sacrificing accuracy. Constantly monitoring the computer system for malicious content as the data comes in and out of the network can stop a piece of malicious code before it compromises the network, and technological advances mean today’s appliances feature higher-throughput speeds that make scanning a truly “behind-the-scenes” function from the users’ perspective.
- Real-time data scanning is only as effective as the rate at which the security system checks and updates users against new viruses and threats. It is important to deploy a security system that features real-time, automatic updates to ensure your security system is always equipped with the most up-to-date protection from new and emerging threats. Some appliances feature subscription services that will automatically push updates to the network, easing management and deployment of vital system upgrades.
- Security is not a “one-size-fits-all” tool, and data security needs vary greatly even within an individual organization. Modern advances and innovation have made network segmentation – the act of splitting a larger computer network into separate subnetworks – available to a much larger audience. In the past, this technology was reserved only for large enterprises, but new appliances are now more affordable and readily available to mid-sized users. This technology is attractive because it minimizes traffic on a local network and improves both performance and security. It has also proved useful in containing network problems, as it limits the effect of a local failure on other parts of the network.
- Organizations are looking to adopt green technologies. While some look to these technologies purely from an environmental standpoint, others are increasingly focused on their cost cutting benefits. Integrated network security solutions and virtualized security technologies, which create a flexible security layer inside a virtualized data centre rather than utilizing an additional piece of hardware, can both help o