Network Security Shouldn’t be a Science Experiment

Posted on May 23, 2018 7:20:00 AM

Science of IT

As previously discussed, the days of installing a firewall with antivirus and calling your network secure are long gone. Thanks to an influx of connected devices from numerous sources and an expanding list of network-dependent systems (hello, temperature control and sprinklers!), the likelihood of a network breach is much higher than ever (and also more difficult to detect).

So how have organizations responded to the changing landscape of network security architectures? Many IT departments have treated network security like a science experiment. The best illustration of this is not in the server room—it’s in the garage.

Imagine that you work for a car manufacturer and you’re charged with building the best car possible. You do your homework and decide that Nissan has the best brakes, Jeep has the best frame, BMW has the best engine, etc. Could you imagine a car company scavenging multiple manufacturers for parts, piecing together a Frankenstein automobile, and then expecting a best-in-class vehicle?

If you think that sounds like a disaster waiting to happen, we agree. Imagine entrusting your network’s security to such a haphazard process. Interestingly, it’s how many IT departments operate today: they have a firewall made by Brand X, an intrusion prevention system developed by Brand Y, malware protection made by Vendor Z, a network monitoring software developed by Company A, and the list goes on.

The reason behind this is easy to understand. IT departments want to provide the best protection for their organizations, so they install a combination of the moment’s best technologies. We’ve seen the results of that experiment, and it just doesn’t work. A conglomerate of “the best” technology from different manufacturers does not make you secure.

One concern with this method is the number of manufacturers your IT department has to call for support. If you’re having issues, needing to contact various sources to troubleshoot the problem is an ineffective way to operate, especially if you’re dealing with an immediate threat to your network. And don’t even get us started on the blame game that (many) manufacturers and vendors love to play.

Another potential issue you’re facing with a security architecture that includes a number of manufacturers is the extensive amount of time you will have to devote to updates and upgrades. If you can even get your solution to function cohesively (this will be difficult, given that many security systems don’t play exceptionally well with others), sustainability will be challenging, and the labor resources required will burden your already overtaxed staff.

The main concern with this approach to network security is that just as there’s no manual for running and maintaining a vehicle built with many different manufacturers’ parts, there’s definitely no foolproof strategy for maintaining network security in this manner. Bottom line: if you take this approach, you’re taking a risk.

If you liked this message as a blog, check out the video! 
Watch it here:

New call-to-action


Subscribe to Email Updates

Subscribe to Email Updates

Recent Posts