Tuesday, 15 December 2015

Why Managed Security Services & Your Provider Matter, Especially in the Cloud

Written By Michael Marrochello

We have all seen the news reports over the past year of troubling retail data hacks. Unfortunately, the list of data breaches shows no sign of abating. These retailers were PCI compliant and had the best tools in place, tools that monitor a network for suspicious behavioral patterns and zero day threats.

So what went wrong? How does a company get breached if they have the best monitoring tools in the industry and are PCI compliant?

 The short answer: by not recognizing and acting on security issues before they become full blown attacks or breaches. Case in point: one retailer stated that all of the alarms on the devices were working properly, but their security personnel chose to ignore them. Even companies that deploy the best security technologies need to work with a Managed Security Services (MSS) provider.

 In addition to providing state of the art device monitoring and management, Managed Security Service providers offer 24/7 monitoring. When alarms go off, globally located security analysts are ready to respond and work with whomever they have to within the organization to address the issue fast. Managed Security Service providers regularly “ping” devices connected to the company’s network to make sure they are still “alive” and haven’t been shut-down by hackers.

 When evaluating Managed Security Service providers ask about their process and security approach. Every provider should have some variation of the following three-tiered approach. The first tier involves the security devices within your facility (firewalls, etc.). Information gathered by these devices should be captured and constantly analyzed for anomalies and potential threats. That analysis should be conducted in a security management center or security operations location. Additionally, the Managed Security Service provider should compare the data gathered from the client with its own threat library to see if it matches any breach patterns, etc. This is the second tier in the security pyramid. Finally, the Managed Security Service provider’s analysts are the third tier of defense against bad actors. Gathering, analyzing and comparing threat data is only as effective as the experts doing the work. Having a trained, dedicated, experienced staff managing a company’s security could be the difference between success and failure in stopping a data breach.

 Cloud based security offers a means of protection that is closer to the source instead of the destination without the large capital equipment costs. According to the Verizon 2014 Data Breach Investigations Report retailers main area of vulnerability was the point of sales (POS) system. Isolating these POS systems and not allowing the users to browse the Internet can assist in protecting them. However, in the overall realm of protection the threat landscape has changed from targeting servers to targeting the end user device. Users bring their tablets, laptops, and smart devices home and often times without protection from browsing the Internet. Using cloud-based Security as a Service (SaaS) for URL Filtering will extend the perimeter to protect these end user devices. Advanced threats are persistent and targeted. Using a cloud-based solution to detect these attacks closer to the source is also a recommendation. This also includes Denial of Service (DOS) protection and mitigation. If the attack has made it to its destination before being detected it is more likely that some mitigation methods will initially fail. Using a cloud-based DOS Defense service closer to the source will prove to be beneficial in mitigating these attacks.

 It makes sense to use a Managed Security Service provider. Security incidents are only going to increase and companies that are serious about security have to throw more than just devices at the problem. A Managed Security Service provider, adhering to a proven, multi-tiered approach to data security can help you mitigate business, financial and reputation damage from a data breach.

Post source : http://news.verizonenterprise.com/2014/10/managed-security-services-tiered-approach/

No comments:

Post a Comment