Holiday Shopping List: Network Security
As the holiday shopping rush kicks into high gear with the traditional Black Friday madness. There is also a similar rush for most companies and their use-it-or-lose-it, end-of-the-budget-year rush. With that in mind, we took a look at what should be high on every network security engineer’s ‘Must Have Holiday Shopping List’, to best prepare for going into 2018.
Holiday Shopping List #1 on the list – EaaS
Before we get into the new must-have shiny-object technologies, let’s talk about all the different projects you have already started.
How well have you implemented your recent security purchases? Did you implement all of the technology? Is it tuned? Is it monitored? Are you leveraging those purchases in a way you are maximizing their value?
At a recent conference we attended, we were told by one attendee, “We have so many projects that are 70% completed, we don’t have time.” By another, “We have 3 projects sitting on the shelf.”
Adding another technology that won’t be implemented to the list won’t help anyone.
It is time to find a good EaaS, Engineering as a Service, partner. At Teneo, what we believe makes a good EaaS partner comes down to a couple of items.
A partner with engineering expertise
A record of bringing projects to completion
Someone that can be tasked with specific projects
Nimble and flexible enough to respond to requests quickly
An ability to deliver level 3 support
Escalate and close tickets quickly without interruption to your team
Holiday Shopping List #2 SD-WAN
With the cloud adoption, IaaS, SaaS and critical apps, the dependence and robustness of your network becomes more important than ever. Because nothing is local anymore. If you have a legacy MPLS, hub and spoke network, and your satellite locations are getting bottle-necked to the cloud, a redesign is in order. Most customers can’t get rid of MPLS altogether. However, they can get rid of some, and they can go direct-to-net where possible. The ability to create application path preferences for the most important apps using SD-Wan should be on every legacy MPLS network engineer’s list.
But not all SD-Wan services are created equal. A good partner to guide you through the entire project while protecting the integrity and security of your network; from initial network mapping; through service integration; to becoming an ongoing resource to you.
When selecting SD-Wan, it is important to consider:
Ability to Monitor traffic
Cost Saving with the right partner
Holiday Shopping List #3 vSEC
As you move farther from your data center and further into the cloud, the more your hybrid cloud solution begins to look like two different environments. If all you are using is the built-in, native cloud security, the skills necessary to maintain your physical data center are different from those skills to maintain your virtual data center. How you control the ‘cloud creep’ and ensure security is maintained while systems expand and shrink elastically, is another must-have for Christmas this year.
Visualize a network environment where you see all of the traffic across all of your networks. Where you have one policy across all of your environments, monitored from a single pane of glass. These items and more are accomplished with vSEC. And as a trusted partner, Teneo is one of the first certified vSEC Check Point partners.
Bonus – Stocking Stuffer – Protect any SaaS
And who could forget the extra treat ‘hung by the fire with care’?
When adopting SaaS applications, the door is opened for many different issues. Securing data you own on a system you don’t, from devices you may or may not own is just the beginning. The SLAs and shared security responsibility statements are clear. But is that basic level of SaaS security just to check a box? Or is it actually securing your data?
Making things worse the implementation for these services are easy to implement with a free trial and often started outside of IT’s control. This makes Shadow IT something critical to monitor.
All of these issues are where a cloud native solution for securing any SaaS comes in. Ideally you should ask Santa for a vendor agnostic, DLP, Advanced Sandboxing, Threat Emulation and AV service. The best gifts for SaaS security do not include a proxy, but rather an API backend that is capable of looking at all SaaS data. Not just the SaaS data that is entering and exiting.
And like any good stocking stuffer treat, this SaaS protection service must be easy to set up. A Proof of Concept (PoC) which takes 60 minutes is a must to see it working on your data. It should also instantly go to work protecting your SaaS with zero latency and zero user interruption. To learn more, listen to this webinar.