on 23-Jun-2014 07:44
Here at F5 we’ve written about how evolving technology has impacted enterprise security a few times before but I think there are aspects of it that bear repeating.
In particular the increase in mobility, and therefore applications that workers use to access important data while working from laptops, tablets and smartphones, has affected the how, what and where of security.
The increase in usage of web applications, both internally and externally, has opened businesses up to new attack vectors, and many products on the market simply don’t do a great job of protecting against them.
Historically businesses have relied heavily on traditional security approaches to keep them safe, namely anti-virus and firewalls. But recently both of those approaches have come in for severe criticism about their effectiveness when it comes to more modern cyber attacks that target emerging enterprise technologies.
In fact, security companies themselves are questioning how effective traditional approaches are. Brian Dye, SVP of information security at Symantec, recently said that anti-virus “is dead” because cyber criminals are changing their approach, rejecting malware in favour of more targeted attacks that aim to steal mission-critical data and DDoS attacks that aim to disrupt a service.
Firewalls, too, have come in for criticism. Traditionally firewalls have protected the network layer, focussing on port management and, essentially, keeping the bad guys off the network via a blacklist. The problem is that isn’t really sufficient these days because so much critical data now resides on the application layer, which firewalls don’t do a great job of protecting.
That’s because many firewalls don’t focus on user session data or entire requests, instead focusing on just the packets travelling along the wire. As we have highlighted before, that doesn’t provide the application-specific knowledge required to tell a good request from a bad one.
Something like a dedicated Application Security Manager can provide all the detail needed regarding what it going on at the application layer. It can provide geo-location data, helping to provide greater details about attacks and stop them from causing too much damage. This extra detailed gathered is vital for any company that hosts sensitive customer data and therefore needs to adhere to regulatory compliance and data protection laws.
Application Security Managers have a much greater understanding of user context than traditional firewalls do, meaning granular policies that govern access can be extended to cover web applications, as well as taking into consideration other factors such as the location of a user and the type of device they are accessing applications from.
Essentially what products like this do is provide businesses with peace of mind and full confidence that they are able to withstand attacks aimed at the application layer. That’s something traditional firewalls and other security approached cannot claim.