‘Zone Defense’ Strategy for Securing IT Infrastructure

by March 9, 2016 0 comments

– Murli Mohan, Director & General Manager, Dell Software Group

In today’s technology driven space, where a company’s success lies in how secure its IT infrastructure is, it becomes even more important for organisations to re-look their security requirements. No doubt IT departments have started investing more towards securing their infrastructure, but are those efforts enough? Security plays a vital role throughout the optimizing process of bringing an IT infrastructure from a vulnerable state to a stable state.

We frequently come across reports about breaches and sometimes companies don’t even acknowledge the fact that they have faced a security breach. According to Dell’s most recent Annual Threat Report, they found an increased flow in point-of-sale (POS) malware, increased malware traffic within encrypted (https) web protocols, as well as twice the number of attacks on supervisory control and data acquisition (SCADA) systems.


OLYMPUS DIGITAL CAMERA Murli Mohan Director & General Manager, Dell Software Group

The state of security in Indian organisations

Have hackers become more advanced or are the organizations less protected than they were earlier, in spite of making increased investments?

Certainly, such views are true. In fact, based on select findings, there is a connection that links raising kids, Hockey and the way organisations should think about security.

Parents move from one strategy to another with kids. For instance, when they handle a single child, parents can play man-to-man defense, similar to the way Hockey is strategized, where a player guards alongside a particular opponent. In the parental language, while one parent is occupied, the other can localise the damage the little angel can inflict on a single room.

In another scenario, when parents have two or more kids they move to a zone defense, where each defensive player is assigned an area on the field. Thus, when an attacker enters their range, they are responsible for covering the person. In this formation, parents let the troublesome kids loose around the house and simply try to protect the valuables and fragile wares in the dining or living room.

Similar to the above scenario, currently organisations are trying hard to protect each and every part of the infrastructure, using the man-to-man approach. Honestly, the zone defense would drive better results, as part of the playbook that keeps getting updated frequently. Here is how you can work on this approach:

1. Evaluate what requires proper protection? There is no doubt organisations can walk away from boundary defenses like next-gen firewalls or encryption technologies, so invest in them. Nevertheless, focus on security must not be limited to that, as a part of it can be allocated somewhere else. Be clear about IT assets, critical apps, and data that you would want to absolutely protect as everything does not need the same security focus.

2. Security attacks are always about ‘When’ and not just ‘If’. So an organisation’s safest option is to have controlled access through limited exposure. Hackers are not only getting smarter but are in continuous chase of credentials, preferably evaluate and have a tight control on what each and every credential (user id) has access to. Shared admin accounts are one of the most vulnerable spot for a cyber-attack, so make sure you when an employee exits the organisation, you just remove them completely. Once they change jobs, transfer their access to match their new job and eliminate the access from their preceding role. This is the ZONE in ZONE defense. In short – isolate access to only what the user/credential needs.

When these two models are taken into consideration together, it’s called Zone Defense approach. This will offer additional security to an organisation’s infrastructure assets, given the financial restraints that organisations constantly face. To sum up “protect your valuables today to reap benefits in future”.


No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.