editor’s question
FELIX ROSBACH,
PRODUCT
MANAGER AT
COMFORTE AG
W
ith an ever-
increasing
attack surface,
security is a
constant struggle
for data centres.
While IoT enables
us to analyse data like never before,
every device represents a potential
attack vector.
Aside from DDoS attacks and other
methods of sabotage, the most painful
type of cyberattacks are the ones
involving theft of sensitive data. Stolen
data is not only problematic in terms
of reputation and losing IP, in the age
of GDPR it can also result in very hefty
fines. There are two main problems:
First is malicious software: this is
a battle that is extremely hard to win,
especially with the digital workplace
and smart devices connected to your
data centre.
28
Second are backdoors: the bad guys
always seem to find a way to get in
somehow. Sometimes systems aren’t
patched or it’s simply impossible to
patch a legacy system because there
are dependencies on older software
versions you would never have even
thought of. Sometimes the OS is so
dated it might no longer have active
support available and security patches
simply don’t exist anymore.
For example, with backdoors on systems
that are facing the Internet, attackers
are able to launch web attacks like
SQL injection, cross-site scripting
or cross-site request forgery to gain
access to sensitive data. You can do a
lot to protect your network with classic
perimeter defence.
Firewalls, intrusion detection systems,
patching unpatched systems, identifying
servers that are listening on unwanted
service ports – these things are still
The way to
go forward is
to implement
sophisticated
identity access
management
in combination
with data-centric
security.
important. The days of ‘never touch a
running system’ are way over – now it’s
‘you’d better touch a running system.’
But even if you buy every security
solution possible you will never be 100%
secure. These only protect you against
known attack methods. But the more
connections you have, the more complex
your network is, the less effective is it
to build a wall around it. Moving to the
cloud, connecting to IoT and having
digital workplaces in your enterprise only
complicate the situation.
The way to go forward is to implement
sophisticated identity access
management in combination with data-
centric security.
With that combination you make sure
that only the right people get access
and, if somehow the wrong people still
manage to gain access, they can’t use
the data.
Issue 11
|
www.intelligentciso.com