Effective edge security needs to be holistic

October 2018 Cyber Security

Over and above the hacks perpetrated by so-called ‘bad actors’ that make the headlines all too frequently, organisations nowadays have to deal with highly tech-savvy millennials entering their business environments. The modern paradigm requires that a holistic and layered approach be adopted to secure net-works from breaches at the edge, in the view of Mayleen Bywater, senior product manager at Vox.

Mayleen Bywater.
Mayleen Bywater.

“As we’ve seen in the news, people have been able to get into networks through things as innocuous as printers and other devices we find around our home and office environments. Edge security in terms of IoT (Internet of Things) devices is really about empowering clients to have control over their data, and understanding exactly what’s connecting in, where, and how. This requires them to have stricter control over their asset management, so that not just any Tom, Dick or Harry is able to connect to their network without going through their IoT provider,” she says.

To this end, it is vital to build robust systems that can detect breaches, and then manage those policies and make sure that best practices are in place to address issues quickly and forcefully, but with specific boundaries and set controls that can be enforced. “You also need to make sure that your edge network security is built in such a way that, should someone try to get in, you have the correct tools in place to ensure a layered approach that will give you a pro-active defence. This means if someone does manage to penetrate your network you are able to mitigate, manage and remediate the breach.

“It’s not enough to have just one tool or system in place, the layered approach must be holistic at the various entry points into your network or organisation. This extends from your network to email to devices and appliances like air conditioners – anything that’s IoT based should be able to trigger an alert that is registered and that can be actioned,” Bywater continues.

Generation gap

Catering for users of different ages is particularly challenging, given that the gulf in technical know-how between the generations that comprise a typical business environment has never been wider. Bywater asserts that while you don’t want to alienate the less tech-savvy users, it’s also important not to squander the fresh ideas and new approaches the younger generation brings to the table.

“Change control is something most people don’t like and don’t embrace easily, yet the younger generations tend to go with it because that’s how it’s always been for them – everything changes in the blink of an eye and you need to be able to adapt quickly,” she says. “To account for this diversity it is important to have best practices and processes in place, and to communicate them to the end user in such a way that it is understandable and therefore easier to embrace.

“If someone is punching their details into a printer, you want them to have the confidence that they don’t need to stress about whether someone will hack into that machine, copy the document they’ve scanned and leak it across the network, because they know their IT team has their best interests at heart and they’re doing consistent scans and network checks to make sure that nobody’s getting into that data.”

Management’s role

While upper management execs have sometimes been accused of not adequately understanding or acknowledging their IT departments’ concerns over cybersecurity, Bywater believes the latest hacks have been so high-profile that the issue is taken more seriously. “As much as you can have the best firewalls, the best network security, best edge asset management, if your staff aren’t on board and security conscious down to the company culture level, you’re still going to have some loopholes that somebody will try to get around – just because they can, it’s human nature.

“Businesses must have these things properly documented and have a plan in place to do consistent training, or risk having problems down the line. So a lot of businesses (and we’re trying to embrace this on our own platforms) are placing an emphasis on how to train people more effectively, but in such a way that they can test the waters and actually report on simulations,” she explains.

“If the IT department sees something that’s not right they should be able to report it efficiently so something can be shut down, for example if they see a thermostat’s temperature rising they can report it quickly so someone can address it. We need to get away from that nonchalant attitude that ‘it’s not my problem.’ Security is everyone’s problem and we need to start to embrace that, right down to every person that works in an organisation.”

Security 360

Vox offers a security 360 strategy entailing a full network solution which includes perimeter, email, endpoints, backup etc. and is suitable for SMEs to larger enterprises. “We have a skilled technical team that can help guide, manage and look after any environment, as well as set up security sessions with our customers on a quarterly basis to help guide them and map those best practices mentioned above,” says Bywater.

“One of our newer products, in conjunction with Mimecast, involves doing training sessions and simulations with our clients where we can test their security posture and whether their end users are actually aware of the security risks they pose to their businesses, in order to nurture a security conscious culture. In that way everybody is collaborating to shut down these perpetrators, whether they like it or not.”

The company also offers a backup solution to provide peace of mind that if anything does go wrong, its clients can easily restore their data and get systems and services up and running quickly and seamlessly. “All of this combined gives the client a complete strategic positioning. We can also help them with vulnerability testing and checkpoints to make sure those systems are all completely in line,” she concludes.

For more information, contact Mayleen Bywater, Vox, +27 87 805 0000, mayleen.bywater@voxtelecom.co.za, www.vox.co.za


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

TAPA: The role of an effective treasury function in business risk management
June 2019, Technews Publishing , News
Neil Le Roux, the Founder of Diligent Advisors will speak at the TAPA SA (Transported Asset Protection Association) annual conference on 26 July 2019.

iLegal 2019: Enhancing and empowering your control rooms
July 2019, Technews Publishing , News, Conferences & Events
iLegal 2019 will be held on 12 September 2019 at The Rosebank Crowne Plaza in Johannesburg. iLegal is the surveillance industry’s premier one-day conference hosted jointly by Hi-Tech Security Solutions and Dr Craig Donald.

Residential Estate Security Conference 2019: Managing for efficiency
July 2019, Technews Publishing , News, Conferences & Events
The Residential Estate Security Conference 2019 will be held on 20 August 2019, once again at the Indaba Hotel in Fourways, Johannesburg.

Spending to save
August 2019, Technews Publishing , News
As residential estates and complexes grow like weeds across South Africa, often promoting themselves as more secure than a stand-alone house, many are finding that close proximity to a neighbour or a ...

Risk assessment or product placement?
August 2019, Technews Publishing, Alwinco, SMC - Security Management Consultants , Editor's Choice, Security Services & Risk Management, Residential Estate (Industry)
Hi-tech security solutions asked a couple of experts to provide estate managers and security managers with some insights into what a ‘real’ risk assessment includes.

Renewable energy for estates and homes
August 2019, Drensky Technologies, Technews Publishing, Specialised Battery Systems , Security Services & Risk Management
While individual homeowners might choose to install solar photovoltaic (PV) systems for when there’s load shedding or a power failure, for an entire estate to harness its energy requirements from solar, and particularly their crucial security systems, would require that a large area of the property be dedicated to solar panels.

Inundated with cyberattacks from all directions
August 2019 , Editor's Choice, Cyber Security, Security Services & Risk Management
IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up-to-date technology.

Under cyberattack
August 2019, Kaspersky Lab , Cyber Security, Residential Estate (Industry)
Cybersecurity is not something one usually associates with residential estates, but the threats from cybercriminals apply equally to estates as they do to businesses and the individual homeowner.

From the editor's desk: The difference between potential and skills
August 2019, Technews Publishing , News
This issue of Hi-Tech Security Solutions includes our annual Local Manufacturing feature and it’s great to know that local security manufacturers are still going strong, even if the general manufacturing ...

Addressing risks in the healthcare sector
August 2019, Secnovate, Technews Publishing, ZKTeco , Healthcare (Industry), Security Services & Risk Management
The healthcare sector poses unique challenges and risks. Hospitals, for example, need to have a more-or-less ‘open door’ policy when it comes to people entering the premises and the main reception area.