Top IT Security Tech to Use and Practices to Avoid
Join the DZone community and get the full member experience.Join For Free
If there’s one worry dominating the minds of most business owners these days, it’s that of security. Cyber crime has become all too common, putting companies, their employees, and their customers at risk. News of security breaches hitting large corporations like Target and Home Depot are doing little to soothe these concerns, which is why many organizations are investing more money in IT security technology. In response to the increased demand, many vendors are offering up new security solutions intended to prevent crimes from ever happening and minimizing the damage for those that do occur. With so many options, it may be difficult for enterprises to choose what’s best for them, especially when criminal tactics evolve so quickly. Even with the confusion, a number of IT security tech has come to the forefront and should definitely be considered by executives and managers alike for their businesses.
One tool that has exploded in popularity in recent years is cloud computing, but that has also increased the security concerns surrounding it. While cloud security has improved, many organizations have been reluctant to adopt the cloud since it places security responsibilities in a third party’s hands. That’s not always the case, however. With cloud access security brokers, security has the potential to remain on-premise to some extent. The technology works by placing security policy enforcement points between those people using the cloud and the cloud provider, allowing the enterprise to use their own security policies whenever employees access cloud services. This technology helps organizations increase their control and visibility over the cloud as it becomes a more prevalent part of their operations.
Other technologies that have gained more attention in the wake of recent security breaches are sandboxing and isolation tools. Sandboxing technology essentially wraps an extra layer of protection around the most targeted applications and web browsers. This helps to account for employee actions that may unwittingly increase the risk of cyber criminal infiltration while also providing more protection for applications that are common cyber crime targets. This extra protection stops potentially harmful code from spreading into more critical systems, in turn requiring criminals to spend more time and resources trying to break it. More than likely, cyber criminals will move on to easier targets.
As more companies start adopting bring your own device (BYOD) policies, the subject of BYOD security becomes an even bigger concern. Managing so many mobile devices can quickly become a nightmare for IT, but luckily there are numerous mobile device management (MDM) software programs available to make that task easier. MDM software helps IT departments keep better track of the activity employees engage in on their mobile devices. MDM programs can also be used to approve of company app libraries where only apps that have the right security features can be used by workers, preventing the spread of mobile malware. Many MDM programs also feature remote wiping capabilities, where companies can wipe a mobile device of all information should that device get lost or stolen. This helps prevent unauthorized access of sensitive company data.
While these IT security technologies should certainly be considered by companies, there are some practices they’ll want to avoid as well. One is what Gartner refers to as the “Shiny New Object Syndrome.” New security technologies will often be hyped up by vendors and marketers, but just because they’re new doesn’t automatically make them better than tried and true technologies. Emerging technologies should always be viewed cautiously and not as the one solution to all of a company’s security problems. At the same time, organizations should make sure they don’t let vendors define what good security is. Each company should know their own security needs while being wary of vendors’ solutions that only serve to increase their own profits.
IT security remains a formidable challenge, especially for companies with limited resources and those whose organizations are far reaching. With the right technology, many of these challenges can be overcome, but that requires finding what technology works best for the company. These guidelines should be a good starting point for businesses overwhelmed by the numerous options out there. By proceeding with a clearly laid out plan and genuine security knowledge, companies will be more prepared to make the right choice when the time comes.
Opinions expressed by DZone contributors are their own.