Effective edge security needs to be holistic

October 2018 Cyber Security

Over and above the hacks perpetrated by so-called ‘bad actors’ that make the headlines all too frequently, organisations nowadays have to deal with highly tech-savvy millennials entering their business environments. The modern paradigm requires that a holistic and layered approach be adopted to secure net-works from breaches at the edge, in the view of Mayleen Bywater, senior product manager at Vox.

Mayleen Bywater.
Mayleen Bywater.

“As we’ve seen in the news, people have been able to get into networks through things as innocuous as printers and other devices we find around our home and office environments. Edge security in terms of IoT (Internet of Things) devices is really about empowering clients to have control over their data, and understanding exactly what’s connecting in, where, and how. This requires them to have stricter control over their asset management, so that not just any Tom, Dick or Harry is able to connect to their network without going through their IoT provider,” she says.

To this end, it is vital to build robust systems that can detect breaches, and then manage those policies and make sure that best practices are in place to address issues quickly and forcefully, but with specific boundaries and set controls that can be enforced. “You also need to make sure that your edge network security is built in such a way that, should someone try to get in, you have the correct tools in place to ensure a layered approach that will give you a pro-active defence. This means if someone does manage to penetrate your network you are able to mitigate, manage and remediate the breach.

“It’s not enough to have just one tool or system in place, the layered approach must be holistic at the various entry points into your network or organisation. This extends from your network to email to devices and appliances like air conditioners – anything that’s IoT based should be able to trigger an alert that is registered and that can be actioned,” Bywater continues.

Generation gap

Catering for users of different ages is particularly challenging, given that the gulf in technical know-how between the generations that comprise a typical business environment has never been wider. Bywater asserts that while you don’t want to alienate the less tech-savvy users, it’s also important not to squander the fresh ideas and new approaches the younger generation brings to the table.

“Change control is something most people don’t like and don’t embrace easily, yet the younger generations tend to go with it because that’s how it’s always been for them – everything changes in the blink of an eye and you need to be able to adapt quickly,” she says. “To account for this diversity it is important to have best practices and processes in place, and to communicate them to the end user in such a way that it is understandable and therefore easier to embrace.

“If someone is punching their details into a printer, you want them to have the confidence that they don’t need to stress about whether someone will hack into that machine, copy the document they’ve scanned and leak it across the network, because they know their IT team has their best interests at heart and they’re doing consistent scans and network checks to make sure that nobody’s getting into that data.”

Management’s role

While upper management execs have sometimes been accused of not adequately understanding or acknowledging their IT departments’ concerns over cybersecurity, Bywater believes the latest hacks have been so high-profile that the issue is taken more seriously. “As much as you can have the best firewalls, the best network security, best edge asset management, if your staff aren’t on board and security conscious down to the company culture level, you’re still going to have some loopholes that somebody will try to get around – just because they can, it’s human nature.

“Businesses must have these things properly documented and have a plan in place to do consistent training, or risk having problems down the line. So a lot of businesses (and we’re trying to embrace this on our own platforms) are placing an emphasis on how to train people more effectively, but in such a way that they can test the waters and actually report on simulations,” she explains.

“If the IT department sees something that’s not right they should be able to report it efficiently so something can be shut down, for example if they see a thermostat’s temperature rising they can report it quickly so someone can address it. We need to get away from that nonchalant attitude that ‘it’s not my problem.’ Security is everyone’s problem and we need to start to embrace that, right down to every person that works in an organisation.”

Security 360

Vox offers a security 360 strategy entailing a full network solution which includes perimeter, email, endpoints, backup etc. and is suitable for SMEs to larger enterprises. “We have a skilled technical team that can help guide, manage and look after any environment, as well as set up security sessions with our customers on a quarterly basis to help guide them and map those best practices mentioned above,” says Bywater.

“One of our newer products, in conjunction with Mimecast, involves doing training sessions and simulations with our clients where we can test their security posture and whether their end users are actually aware of the security risks they pose to their businesses, in order to nurture a security conscious culture. In that way everybody is collaborating to shut down these perpetrators, whether they like it or not.”

The company also offers a backup solution to provide peace of mind that if anything does go wrong, its clients can easily restore their data and get systems and services up and running quickly and seamlessly. “All of this combined gives the client a complete strategic positioning. We can also help them with vulnerability testing and checkpoints to make sure those systems are all completely in line,” she concludes.

For more information, contact Mayleen Bywater, Vox, +27 87 805 0000, mayleen.bywater@voxtelecom.co.za, www.vox.co.za


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Leaders in risk and security: As long as there are people, there will be risk
Issue 5 2020, iFacts, Technews Publishing , Editor's Choice
Jenny Reid is a self-made success, focusing on people, the risks they create and the potential they have.

Mitigating the human risk
Issue 5 2020, Managed Integrity Evaluation, Technews Publishing, iFacts , CCTV, Surveillance & Remote Monitoring
Hi-Tech Security Solutions asked Jennifer Barkhuizen and Jenny Reid for some information around background screening and vetting of potential new hires.

XProtect available on AWS
Issue 5 2020, Milestone Systems, Technews Publishing , Editor's Choice
Milestone recently announced the availability of XProtect on Amazon Web Services. Hi-Tech Security Solutions asked Keven Marier for more information.

Adjusting to a new reality
Issue 5 2020, Technews Publishing , Integrated Solutions
COVID-19 to accelerate adoption of technology-enabled smart city resilience approaches: robotics, digital twins, and autonomous freight.

From the editor's desk: We're back!
Issue 5 2020, Technews Publishing , News
Welcome to the fifth issue of 2020. If years were people, 2020 would have been hung, drawn and quartered...

From the editor’s desk: Sustaining security and sanity
Residential Estate Security Handbook 2020, Technews Publishing , News
Sustainability is a critical component of almost anything in these days of a tanking economy, boosted by COVID-19, which is given further emphasis by the economy being further hammered by the ‘cure’ for ...

The COVID test for estate business continuity planning
Residential Estate Security Handbook 2020, Technews Publishing , Editor's Choice
Many estates were caught unaware when the COVID-19 pandemic and subsequent lockdown hit. Helderberg Village was ready for the challenge.

More efficient guarding through the effective use of technology
Residential Estate Security Handbook 2020, Technews Publishing, OnGuard, Stallion Security, Active Track , Security Services & Risk Management
Technology in its many forms can be used to optimise the efficiency and performance of on-site guarding.

Focus on touchless biometrics
Residential Estate Security Handbook 2020, Hikvision South Africa, Saflec, IDEMIA , Suprema, Technews Publishing , Access Control & Identity Management
The coronavirus has made touchless biometrics an important consideration for access control installations in estates and for industries globally.

Residential Estate Security Conference 2020
Residential Estate Security Handbook 2020, Technews Publishing , Editor's Choice
Back in the old days when conferences that people attended in a single location were a thing, Hi-Tech Security Solutions held its Residential Estate Security Conference 2020 at the Durban Country Club.