• News
  • Columns
  • Interviews
  • BW Communities
  • Events
  • BW TV
  • Subscribe to Print
  • Editorial Calendar 19-20
BW Businessworld

Going For A 'Zone Defence' Security Strategy

Photo Credit :

Today, all the stakeholders are inclined towards spending more and more time and money on security, but we're making little progress.  Reports of major breaches seem to come more frequently than ever. In Dell's latest edition of the Annual Threat Report it found a surge in point-of-sale (POS) malware, increased malware traffic within encrypted (https) web protocols, as well as twice the number of attacks on supervisory control and data acquisition (SCADA) systems over 2013. 
Are companies less secure than they were before, despite the increased investment?  Or are hackers just smarter than ever? I don't think either is true- I think there's a connection that links raising kids, football, and the way businesses should think about security. With kids, parents move from one strategy to another.  With a single child, parents can play man-to-man defense similar to the football strategy, where a player guards against a specific opponent. In the parental vernacular, while one parent is occupied, the other can localize the damage the little angel can inflict on a single room. With two or more kids, parents move to a zone defence where each defensive player is assigned an area on the field, and when an offensive threat enters their area, they are responsible for covering the person.  In this configuration, parents let the little hellions loose around the house and simply try to protect the valuables and breakable wares in the dining or living room. 
From our viewpoint, businesses today operate in a man-to-man situation, trying to protect each and every little detail of their infrastructure. I think they'd be more effective using a zone defence as part of a strategy that is continually updated. Here's how it goes:
1) What do you really need to protect?  You can't walk away from perimeter defenses like next-gen firewalls or encryption technologies, so invest there, but perhaps focus what limited resources you have somewhere else. Determine what IT assets, critical apps and data absolutely must be protected. Remember that not everything needs the same security focus
2) A security breach is not an "if," it's a "when. “Your best bet is to limit exposure and mitigate risk by controlling access. Hackers are in constant pursuit of credentials, ideally with elevated or privileged access, so tightly control what each and every credential has access to.  Make sure there are no shared admin accounts.  When an employee leaves, CUT THEM OFF. When they change jobs, change their access to match their new job and eliminate the access from their previous role.  This is the ZONE in ZONE defense.  Isolate access to only what the user/credential needs. I contend that, taken together, this zone approach will offer more security to the most valuable assets given the resource and financial constraints we all face.  In other words, this strategy can be summed up as, "find the valuables, protect the valuables. 

The author, Murli Mohan, is Director & General Manager, Dell Software Group


Tags assigned to this article:
more 4 internet murli mohan dell software zone defence