Ever sat next to a colleague who would occasionally snigger in front of his laptop for no apparent reason? And you would proceed to roll your eyes because you figured he was probably on a social networking site or watching a clip on YouTube.
Whether or not we all agree social networking use in the workplace negatively impacts staff productivity and introduces security risks into the company's network, it's a trend that's here to stay. So instead of whining about it, IT managers need to reassess their organization's social policy and security posture.
That's the message Kostas Anagnostakis, founder and CTO of Niometrics, discusses here as a guest blogger of Tech Podium. Founded in 2009, the Singapore company was born out of research initially conducted at the Institute for Infocomm Research which looked at ways to detect "unhealthy" applications such as file-sharing systems that can overload networks.
Today, Niometrics touts an application recognition engine that analyzes network traffic at the application layer, which it believes is the most effective way to monitor and manage a company's security policy.
Kostas has kindly agreed to answer questions from readers. E-mail your query and ZDNet Asia will feature selected questions in a follow-up report.
With the consumerization of IT and the prevalent use of social media tools at the workplace, the tide has changed. It is time network administrators look for better ways to control and secure their networks.
As Hollywood makes a quick buck on movies such as The Social Network, IT administrators fret and get increasingly worried about the potential security implications for their enterprise networks. Take, for example, malware-laden "hot" links that capitalize on trends such as the deaths of Amy Winehouse and Osama bin Laden: social media is yet another avenue, among a long list, being used to propagate malware online.
Not that such fears are unfounded, or that security breaches are things only large companies need worry about. In fact, cyber criminals are oblivious to business size as every network represents a fair challenge for the hacker and their army of bots.
Last year, an Information Security Breaches Survey revealed that 83 percent of small businesses in the U.K. had experienced a security breach and damages on average might reach 55,000 pounds (US$85,978). No such study has been conducted in the Asia-Pacific region, but it should not be any surprise if similar results are found, especially among digitally-enabled economies such as Singapore, Malaysia, Korea, and Japan.
Aside from having to battle threats from the "outside", danger emanates equally from within the enterprise.
With the consumerization of IT, employees are eschewing their company-issued BlackBerries and replacing them with personal devices, and running hundreds of thousands of unapproved, backdoor-sy and potentially dangerous applications on them. Remote backup, remote access tools and file-sharing clients are just the stuff security nightmares are made of.
Even desktops and laptops that have been locked down and patched can be circumvented by the latest malware equipped with the latest exploits. Increasingly, we see malware authors using a sophisticated combination of techniques, called advanced persistent threats (APTs), which include social engineering, spear phishing and rootkits, to compromise and steal data from companies--some as large as Sony and RSA.
IT administrators, thus, need to be prepared for the worst-case scenario and prepare for when Trojans and bots enter their fortified enterprise networks. They will have to deal with ever increasing risks even as upper management ignores their pleas and jumps head-on into social media, BYOD (Bring Your Own Devices) and freely available applications in the search for more business opportunities, lower costs and better productivity.
Instead of griping, IT administrators should look to newly available security tools that will help them regain some semblance of control over their networks. There has been one small piece of good news in recent years with the development of network technologies operating at the application layer (or Layer 7), which basically refers to the unique way all programs communicate. This is important as all malware or applications, regardless of platform or operating system, need to communicate, sending and receiving data and instructions.
If your enterprise is only concerned about controlling browser access to Facebook or YouTube, it's time to rethink your IT strategy. Many of these Web sites are accessible using standalone applications on a wide variety of devices, for instance, Dropbox and YouTube. Most of these are designed to circumvent rudimentary firewalls and aging Web filters that control access to a network, simply by restricting port numbers or URLs. Imagine allowing everyone through airport customs if they are over 2 meters tall, or with the surname Tan!
Application control at Layer 7 removes this ambiguity by scanning all network traffic and identifying all applications communicating over the network. With close to perfect detection rates, network administrators will be able to harness this technology to fully understand and control their networks.
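As an added illustration (not Niometrics' engine and not code from this article), the sketch below contrasts the label a port-only filter assigns with one derived from the first bytes each flow actually sends. The flows, host names and function names are constructed for the example, and only cleartext protocols are covered.

```python
# Added illustration: port-based vs. application-layer (Layer 7) classification.
# All flows below are constructed sample data, not captured traffic.
import re

PORT_MAP = {80: "web", 443: "web", 22: "ssh"}  # what a port-only filter assumes

def classify_by_port(dst_port):
    """Rudimentary firewall view: the port number decides the label."""
    return PORT_MAP.get(dst_port, "unknown")

HTTP_REQ = re.compile(rb"^(GET|POST|PUT|HEAD|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n")
HOST_HDR = re.compile(rb"\r\nHost:[ \t]*([^\r\n:]+)", re.IGNORECASE)

def classify_by_payload(payload):
    """Layer 7 view: identify the application from the first bytes it sends."""
    if payload.startswith(b"\x13BitTorrent protocol"):
        return "bittorrent"
    if payload.startswith(b"SSH-2.0-") or payload.startswith(b"SSH-1.99-"):
        return "ssh"
    if HTTP_REQ.match(payload):
        host = HOST_HDR.search(payload)
        return "http:" + (host.group(1).decode("ascii", "replace").lower() if host else "?")
    return "unknown"

# Constructed flows: (destination port, first client-to-server bytes)
SAMPLE_FLOWS = [
    (80, b"GET /index.html HTTP/1.1\r\nHost: intranet.example\r\n\r\n"),
    (443, b"\x13BitTorrent protocol" + b"\x00" * 8 + b"H" * 20 + b"P" * 20),
    (80, b"SSH-2.0-OpenSSH_8.9\r\n"),
    (8080, b"POST /upload HTTP/1.1\r\nHost: files.example\r\n\r\n"),
]

def mismatches(flows):
    """Return flows where the port label hides what is really on the wire."""
    out = []
    for port, payload in flows:
        by_port, by_l7 = classify_by_port(port), classify_by_payload(payload)
        consistent = (by_port == by_l7) or (by_port == "web" and by_l7.startswith("http:"))
        if not consistent:
            out.append((port, by_port, by_l7))
    return out

if __name__ == "__main__":
    for row in mismatches(SAMPLE_FLOWS):
        print("port %d: port filter says %r, payload says %r" % row)
```

Three of the four constructed flows come back as mismatches: two non-web protocols on ports 80 and 443, and an HTTP upload on a port the port map does not know.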
The important lesson going forward for any enterprise network administrator is to think about how they can embrace new trends such as BYOD, social media and cloud computing, and manage the associated risks as we move toward an increasingly app-centric world.
My advice would be to always be on the lookout for new technologies to help build upon the many layers of network security, and to be proactive in deploying tools that provide real-time capabilities to constantly monitor and mitigate threats that (will) occur.
And at the risk of sounding cliché, unless you are a visually impaired Japanese master swordsman, a "blind" network is essentially a broken one.