If the system and its peripherals are your domain, then cybersecurity is your defense. As lords of your IT kingdom, it is not only your duty to maintain the core functions of your system, but also to defend its denizens from security events. Sometimes these events originate externally, but they are even more likely to come from the inside.
Perimeter defense is a hallmark of cybersecurity strategy. By controlling access between the public internet and your internal systems and data, you set yourself up for the start of a strong cyber defense. This may seem like a simple task to the uninitiated, but is far more complex in practice.
1. How do you separate your internal systems from the external?
In the case of our medieval analogy, you might start by placing guards at the borders of your fortress. In cybersecurity, this would correspond to your firewall. Firewalls can provide advance warning of suspicious traffic as it enters or exits your network; they are, essentially, the first and last safeguard between your trusted systems and the untrusted. However, this is where most companies start (and end) their cybersecurity strategy. A firewall is a fantastic tool for deterrence, but simply creating protocols to filter traffic can’t guarantee that a thief or rogue won’t make it through.
These tactics remain valuable as long as your employees are confined to your internal network. However, with more and more employees utilizing their own devices to access vital internal systems, how can you possibly hope to create a uniform perimeter?
2. How do you defend your systems and data when those outside of your perimeter still carry and access sensitive data?
Trust no one. It sounds ominous, but it isn’t a new practice. Most royal families hold crown jewels: the prize of the family and invaluable to thieves. Every organization has data that falls into the “crown jewel” territory. It’s your duty to ensure you have taken the appropriate steps to keep your crown jewels safe, including from your own employees. One in three attacks involves internal actors, intentional or not. If as many avenues of breach as possible are covered, there is a significantly smaller likelihood of a security event occurring.
The tactic of zero-trust provides your business with the ability to maintain your most important data, regardless of who, what, when, where, why, and how, because you control that access. In a zero-trust model, no one is trusted by default and verification (preferably multi-factor authentication) is required from everyone in order to gain access to data and network resources from inside or outside the network.
Your systems are no longer housed entirely onsite. This means, to an extent, you have relinquished control in favor of cost effectiveness and convenience. However, you are still responsible for the security of both your own and customer data. Keep an open channel to your provider, and collect data from each of your endpoint devices to ensure that your perimeter is intact.
The first step is to build a strong perimeter with Next Generation Firewall devices. To maintain that strong posture, you must continue to care for and maintain your ‘troops’ on the front lines. In the cyber sense, that means patching edge devices when new versions are released and scanning the edge periodically for vulnerabilities and weaknesses to ensure they are remediated in a timely fashion. All of this leads to good cyber hygiene, which is especially important at the edge of your network. A single critical vulnerability on the perimeter can be a direct backdoor from the public internet into your local network, much like a secret entrance to your castle, or to look further back, a Trojan Horse.
Once a strong perimeter is in place with plans to maintain the edge, it is important to look at the final piece of the strong perimeter equation: monitoring. With troops placed intelligently around the border of your castle, the watch has begun. 24x7 security monitoring of the perimeter devices, SaaS applications, servers, and network traffic will ensure that your kingdom/organization is ready to respond to any would-be attackers that may want to bring you down.
Though the traditional concept of the perimeter continues to evolve, it is important to embrace traditional practices. As new methods and tactics of cyber criminals emerge, we must adapt in order to defend our data, people, and peace of mind. At Dataprise Cyber, we believe that education is the first step to fortify your cyber defenses. Unlike in the kingdoms of old, every employee should understand and be prepared for the risks of an ever-evolving threat.