5 Key Performance Indicators to measure

The SonicWall Security Threat Research team sifts through hundreds of thousands of unique malware samples daily. In their latest threat report, they’ve documented that businesses continue to be under attack in ways that are increasingly difficult to defend against. We often see threat actors using combinations of evasion techniques and modifying their attack vectors to circumvent firewalls and intrusion detection systems. The multitude of published security breaches proves that many existing network security controls are not working effectively against today’s modern threats. For companies that have been fortunate thus far, it’s time to face some tough questions about your security risks.

  • Are the company’s network security controls doing an effective job?
  • Are we testing and measuring their effectiveness thoroughly? What are the key quantifiable performance metrics?
  • Where do we need to improve to gain a better security posture?

Understandably, there are many other important risk-related inquiries concerning different security controls that also require our attention. However, we’ll narrow the focus of this discussion primarily to next-generation firewalls (NGFWs), given their principal role in facilitating secure business communications and data exchanges over the Internet. Thus, the stability, reliability and, most importantly, security effectiveness of the NGFW device is imperative when it comes to protecting the confidentiality, integrity, and availability of an information system and its information.

The concept of a “security effectiveness” score is generally recognized today as a decisive network security metric used by IT organizations across all industries. The computed rating helps decision makers establish a reference level in assessing the quality and efficacy of an NGFW based upon “5 performance indicators” identified by NSS Labs, a well-trusted independent information security research firm that supports its product analysis through exhaustive laboratory testing. NGFW devices are tested and rated for their effectiveness, performance, manageability and cost of ownership to provide answers to tough questions faced by IT professionals when selecting and implementing security products. So when NSS documents these scores and makes its recommendations in its published reports, it is solely based upon empirical test data. Testing starts with a baseline configuration and progresses to more complex, real-world configurations that simulate varying use cases. The firewall ranking is heavily weighted on 5 key performance indicators that determine the effectiveness score, verifying that the firewall is capable of the following:

  1. Intrusion Prevention – correctly blocking malicious traffic based on a comparison of packet/session contents against signatures/filters/protocol decoders without false positives.
  2. Evasion – accurately detecting and blocking known exploits when subjected to varying evasion techniques.
  3. Application Control – accurately executing outbound and inbound policies consisting of many rules, objects, and applications and identifying the correct application, and taking the appropriate control action.
  4. Firewall Policy Enforcement – correctly enforcing firewall rules that permit or deny access from one network resource to another based on identifying criteria such as source, destination, and service.
  5. Stability and Reliability – maintaining security effectiveness while passing malicious traffic under normal or heavy conditions.

The NSS security effectiveness report is the ultimate validation of NGFW quality and performance. The report contains a full range of test results that have direct relevance towards the evaluation and selection of a capable NGFW to protect and secure your organization. Some of the interesting findings include exploit block rate, coverage by attack vector, impact type and popular applications, and resistance to various combinations of advanced evasive attacks. As an IT security leader responsible for information and network security in your organization, I’d like to share with you a copy of the NSS Labs report that is packed with important information to serve as a guide when measuring the security effectiveness of your current firewall.

Go Mobile to Increase Employee Productivity

What if you could increase employee productivity and employee satisfaction? Compelling evidence shows that employers that embrace the use of mobile devices for work purposes, whether personal or corporate issued, can do just that. Too risky? A new generation of mobile security and management tools can enable this without compromising data security.

According to a survey of 251 businesses and IT professionals conducted in 2014 by Harvard Business Review, “organizations that support and encourage use of mobile devices by their employees are experiencing increased productivity and user satisfaction. The good news is that the mobile revolution isn’t coming, it’s here. A majority of respondents believe mobile devices have already transformed their organizations, and predict their transformational impact will be even greater in two years. As an example, 65 percent of respondents say mobile devices have improved enterprise efficiency, while another 51 percent say they’ve improved customer service. Meanwhile, 47 percent say they’ve enhanced employee satisfaction and retention.”

Could your business benefit from increased efficiency? Increased employee satisfaction? Most businesses could.

In order to achieve these benefits, you’ll likely need to refresh your data access and security infrastructure to support the mobile worker. Most organizations are optimized for the legacy remote access paradigm, that is, IT-managed Windows laptops. To facilitate mobile worker productivity and protect from mobile threats, you’ll need to modernize your access and security infrastructure. Here’s a checklist of considerations:

  1. Data protection, end-to-end: Data protection is a top concern and many organizations are considering or have deployed technologies such as Hosted Virtual Desktop, Enterprise Mobility Management (EMM) or other data encryption solutions to secure business data on mobile and remote devices. This is a great start, but company data and networks are still at risk if only on-device data protection is addressed. Security is an end-to-end mobile workflow challenge.

  2. Access to company data from many device types: Your remote access infrastructure was likely implemented for the use case of remote workers accessing corporate resources from Windows laptops. Of course, this has changed with the explosion of mobile devices, including smartphones, tablets, etc., and will continue to evolve with wearables and the internet of things. To get ahead of the curve, IT organizations need to invest in access infrastructure and gateways that can support not only legacy Windows laptop technologies, but also today’s mobile devices, and are ready to support the connected devices of the future. For example, enabling secure access from the standard HTML5 browsers that most modern connected devices support.

    Also, your access infrastructure was likely implemented to support a one session per user model. With the explosion of mobile and connected devices comes an explosion of concurrent sessions. To get ahead of the explosion and provide the support businesses will need to be successful, you need access infrastructure and gateways that are scalable to keep ahead of the explosion and keep employees productive.

    And lastly, whereas workers were delighted with the productivity gains experienced when business email and calendar could be accessed from smartphones, today’s workers want access to all the company resources they need to be productive, including ERP, etc., from their mobile devices. To get ahead of the curve, your access infrastructure needs to support secure access to a broad range of resources, including intranet web apps, client server apps, hosted desktops, etc., from the devices workers want to use.

  3. Business + Personal = Increased risk: The mixed business and personal usage model that many workers prefer often results in commingling of personal and business data and apps on mobile devices. The typical scenario is a mobile user accessing email, calendar, the internet, social media and other apps for personal use, and also accessing business mail, calendar, intranet file share and intranet business apps for business use. The challenge for IT here is that this commingling of apps and data increases the risk of business data loss and the risk of malware threats. We also find that IT organizations have challenges associated with mobile workers who are concerned about app and data privacy. Increasingly, personal data is legally protected, so businesses need to track end-user acceptance of BYOD policy terms to reduce business risk and demonstrate legal compliance. And we’re seeing these challenges across the board, impacting organizations of all sizes and all types. No organization is immune, though the greatest risk is with regulated industries.

  4. Cyber threats go mobile: Historically, IT protected corporate networks and compute environments by only allowing trusted devices and users to connect to the network. IT could help limit the potential of devices introducing malware onto the network by controlling and managing laptop configurations and software images. In the new mobile era, IT no longer controls or manages these devices. Workers are independently choosing their smartphones and tablets as well as the apps and services they use to address business and personal needs, and with the mobile explosion comes an increase in cyber threats targeting mobile platforms.

    To protect from malware infection, the best defense is a good offense.

    With mobile users and BYOD, you may not control the device or the software, but you can deploy access control and security technologies in your IT infrastructure that interrogate the device, OS, mobile apps and validate their integrity before granting access to your network. You can deploy next-gen firewalls to scan mobile traffic entering your network and block malware before it infects corporate systems and data. And you can monitor and block access to and from disreputable web applications and sites.

    If your business could benefit from increased employee productivity and satisfaction, now’s the time to embrace going mobile. For more information on access and security solutions you need to enable mobile worker productivity while protecting from threats, read our eBook, SonicWall Secure Mobile Access for BYOD.