Organizations have started to invest heavily in technology to help them scale their business. People are now aware of the security issues they are going to face and want to take preventive steps.

I recently had an interesting experience in my interaction with a prospect. I was at the prospect's place to understand and explain to them about managing and improving security. As we started the conversation, I realized they had a basic misconception about improving their security.


Read the excerpts from our conversation:

  • Mr. X: Ah well, we need a firewall.
  • Me: But as per your network diagram, you already have a firewall protecting your perimeter.
  • Mr. X: Yes, that is there, but we want to replace that because it is no longer a supported version, and we want to add a few more.
  • Me: We will have to do a review of your network before we can determine exactly how many firewalls you will need.
  • Mr. X: Ah well, you see, time is a factor and I want this to happen quickly before our auditors come next month. I need to show them something. We will share the network diagram with you, and why don't you have a look and make a recommendation to us by end of day.
  • Me: Yeah, sure, we will try to do that. But security is not always about adding devices to your network. You also need to periodically review your servers, firewalls, network devices and applications to ensure that they don't have vulnerabilities that could be exploited by a potential hacker. Also, it is a fact that 90% of the vulnerabilities are now discovered at the application level.
  • Mr. X: Well, for the time being we are looking at firewalls. Maybe you can recommend... (after a pause and deep thought) IDS.

The point that I want to make is that adding perimeter security devices alone will not help improve security. And why replace a device that is working perfectly fine, unless you have performance issues with it or want to use the features offered by the newer versions? The other advantage of retaining the old device is that all the vulnerabilities in that device are already exposed, and patches, solutions and workarounds are readily available to fix them. Attackers will not continue to look for loopholes in the older devices; they would rather spend their time finding loopholes in the newer ones. It is safer to be around a known enemy than to try to befriend an unknown one.

To manage risks effectively, you need to constantly review your policies, risk management methodology, systems and applications. This will ensure that the dynamics of day-to-day business do not leave loopholes open for an intruder to simply walk into your systems or network.