EDITOR’S QUESTION
Stephan Berner
Managing Director,
Help AG
monitoring and logging of all network traffic.
The primary focus of IT spending to help
achieve this hardened security model will
therefore be access control solutions.
In a number of markets in the region, due
to the impact of low oil prices, government
and enterprise spending has witnessed a
slowdown. In this economic climate, it will
be essential for organisations to maximise
the ROI on their IT spending. Therefore,
from the perspective of IT security, I believe
the need is for organizations to adopt a
‘zero-trust architecture’.
Besides maximising the utilisation of the
existing security infrastructure, the approach
is a fundamental need in the era of Advanced
Persistent Threats (APTs), access abuse,
social engineering, and modern malware.
It presents the opportunity to substantially
improve defensive posture and prevent
exfiltration of sensitive data.
The three most basic principles of the
model are- secured access for all resources
regardless of location; stringently applied
‘least access’ control; and fine-grain
74
INTELLIGENTCIO
From a technical perspective, zero-trust
utilises a lot of virtualization technologies
such as virtualised compute, virtualised
routing and segmentation of the
infrastructure in security zones, in order
to create very clear demarcation points
between the different security layers in the
infrastructure. Those organizations that
have not undertaken virtualisation of their
environments yet should definitely see this
as the way forward. With the emergence
of SD-everything, their investments into
virtualisation will go a long way in building
the platform for future innovation.
Finally, an area where a lot of enterprises
still fall short is in event monitoring and
handling. I am often surprised to see that
despite business and applications now
running 24x7, organisations still think
monitoring and addressing security events
is only something that needs to be done
during working hours. In most cases, this
is due to resource constraints which is why
utilising a competent third party provider
with technically qualified staff for a real
24x7 operation could be a feasible and
cost effective option. It also offers the
opportunity to work with manageable OpEx
rather than intimidating CapEx spending.
It is precisely to address this need that
Help AG established its Managed Security
Services (MSS) division in 2015 which is
unique in that we deliver all services within
the region and no log data actually leaves
our customers’ premises.
www.intelligentcio.com