Part 1: Why Is Enabling Only Authorized Users So Complex?
In the past, a critical component of preventing threats was understanding and controlling network access and access to network resources based on role, while also denying access for unauthorized users and devices.
However, assuring this secure network access has been increasingly difficult due to:
- Complexity in understanding not just who, but how, by what, when and from where users and devices attempt to access network resources
- Complexity in connecting authorized users to needed services with the explosion of both on-premises and remote devices used by a single user
- Complexity in evolving network architectures where networks have become more “flat” and difficult to manage from a security standpoint
- Complexity in unifying the number of disparate security systems that need to be configured, managed and visualized
These various aspects of security complexity challenge security practitioners to deliver the right services and purchase the right solutions that not only handle the complexity, but also reduce it. However, when we take a look at IT security spending, where does the majority of investment go, where do most vendors channel their money, and why?
If you look across the entire attack continuum, there are three phases that people need to focus on when dealing with threats and attacks: before an attack happens, during the time it is in progress, and even after the damage is done. To properly protect against threats in all stages, organizations need to reinvestigate their security to gain visibility and control across these three phases in order to truly reduce risk.
However, very little investment has been allocated to the “before” phase beyond traditional access control lists (ACLs) used in network firewalls, despite the risks presented by those with network access, where more granular controls are needed. For the other phases, most organizations have indeed focused on in-progress detection during an attack and on post-attack investigation after an attack, for the purposes of remediation or even for future-proofing.
At Cisco, we’ve taken a threat-centric approach that covers all three phases. This begins with streamlining investments in the before phase to complement baseline investments in firewalls. Reconsidering investments can start with moving towards more sophisticated secure access to prevent the threat of unauthorized usage based on actual user roles and device connectivity requirements.
Cisco solutions provide Secure Access across the entire extended network to combat these complex challenges. It is rooted in the before phase as it optimizes security but also lowers risk in the during and after phases. However, why is this area just starting to heat up despite being around for years? In Part 2, we’ll talk more about complexity and how the network has changed and why access technologies have been so “complex” in the past.