As a leading analyst firm, Gartner comes out with a steady stream of predictions. One of the latest rounds concerns security. The predictions are designed to help IT pros take security seriously. After all, cybercriminals are more organized and dangerous every day.
Old attacks still brutal
The media hops all over the newest attacks, and they are indeed serious. Older attacks, though, are still the biggest problem, in part because they are so plentiful.
The evidence is overwhelming. “Through 2020, 99% of vulnerabilities exploited will continue to be ones known by security and IT professionals for at least one year,” Gartner analyst Earl Perkins said at the firm’s recent Security and Risk Management Summit.
One issue with older attacks is that – with a simple tweak – they can appear to antivirus/anti-malware tools as new. Another problem is that many attacks are based on what software patches tell us about a vulnerability. Because not all systems are patched, those attacks can penetrate unpatched machines – and wreak havoc.
The answer: Keep antivirus/anti-malware solutions constantly updated and make sure the software systems you run on are patched promptly and continually.
The Dark Side of Shadow IT
IT can’t manage or protect what they don’t know is there. That is the problem with Shadow IT, where end users and departments install their own solutions – right under IT’s very busy nose.
“By 2020, a third of successful attacks experienced by enterprises will be on their Shadow IT resources,” Perkins said.
Shadow IT apps installed on-premises are likely unpatched and likely have weak access control measures.
Another problem is web-based apps; many of these are not regularly offered patches by their creators. Being on the web, these applications are more easily accessed by hackers and cybercriminals.
The answer: IT must do several things. First, there should be a policy concerning what apps end users and end user departments can install. Training should be in place to support the policy. Admin rights should not be given freely. This helps control unapproved on-premises apps but does far less for web software. And IT itself should only use technology that is fully vetted.
Even more importantly, IT also needs the ability to continually audit and inventory their PCs and servers to know what is in use in real time.
Public Cloud Threat
Perkins sees more and more breaches coming from the cloud. “By 2018, the need to prevent data breaches from public clouds will drive 20% of organizations to develop data security governance programs,” he said.
That is a pretty obvious point. There is more sensitive data in the cloud than ever before and more bad actors trying to get at it.
The answer: IT must choose cloud providers carefully and vet them for their security chops. In some cases, more secure cloud services carry a premium, but these more costly services should get serious consideration.
Applications and data placed in the cloud should also be given a rigorous approval process.
Meanwhile, data sent to and from the cloud should be encrypted, and the WANs and LANs that interface with the public cloud should be closely monitored.
The DevOps Challenge
DevOps, where developers and IT Ops attempt to work as one, gives birth to a number of issues. One is the use of Platform-as-a-Service (PaaS), where vital and confidential works-in-progress code sits in the cloud, creating a code-cracking vulnerability.
The software itself needs to be secure. “By 2020, 40% of enterprises engaged in DevOps will secure developed applications by adopting application security self-testing, self-diagnosing and self-protection technologies,” Perkins said.
Software built in a PaaS is created quickly and then iterated often. This can lead to vulnerabilities.
The answer: Perkins is a proponent of runtime application self-protection (RASP), which helps developers continually identify vulnerabilities that can then be closed.
New Cloud Security Comes to the Fore
A new form of cloud security provider will be part of the IT landscape – in particular to protect SaaS solutions. “By 2020, 80% of new deals for cloud-based cloud-access security brokers (CASB) will be packaged with network firewall, secure web gateway (SWG) and web application firewall (WAF) platforms,” Perkins argued.
What to do: CASB technology can be added to traditional security tools, and IT customers should evaluate these solutions carefully.
Authentication Moves to the Cloud
Identity and Access Management (IAM) is critical to a secure network. As more apps move to the cloud, so too should authentication. “By 2019, 40% of identity as a service (IDaaS) implementations will replace on-premises IAM implementations, up from 10% today,” Perkins predicted.
What to do: Whether in the cloud or on-premises, IT should have strong authentication such as two-factor authentication (TFA). As your environment shifts, IAM should shift as well. IAM can be complex, and moving it to the cloud removes the need to manage the IAM infrastructure.
Passwords remain a front line of defense, but a single password is far too crackable. The answer may be recognition techniques such as fingerprints, facial and iris recognition and other means. “By 2019, use of passwords and tokens in medium-risk use cases will drop 55%, due to the introduction of recognition technologies,” Perkins said.
What to do: A good first step is to move to two- or multi-factor authentication (MFA). Any of these factors can then be based on recognition technology if you choose.
Internet of Things (IoT) Poses Risks
IoT devices are everywhere – and spreading fast. One problem is that not all are built with security in mind. “Through 2018, over 50% of IoT device manufacturers will not be able to address threats from weak authentication practices,” Perkins said.
The answer: The first step is to find out how your existing security vendor(s) approach IoT. If their approach is not sufficient, look into specialized IoT security solutions. And don’t release a rash of new IoT devices without having a security plan in place first.
IoT Protection Underfunded
Hackers are gearing up to go after IoT. Too bad IT budgets aren’t gearing up as well. “By 2020, more than 25% of identified enterprise attacks will involve IoT, though IoT will account for only 10% of IT security budgets,” Perkins proffered.
The answer: Perkins believes that IT departments should spend 5% to 10% of their security budgets on protecting IoT. Of course, this should go up as IoT use increases.
Kaseya has a number of solutions that offer deep and flexible protection for your network.
Kaseya VSA is a solution to many IT security woes. One of its key attributes is antivirus and anti-malware protection. Even better, these solutions can be deployed to all your devices based on VSA’s ability to conduct audits and do discovery of all devices on your network. Meanwhile, new definitions can be automatically deployed based on pre-set IT policies.
Software patching is handled with the same style of automation, which is critical as the majority of successful breaches are against unpatched computers. With VSA, your systems are always fully patched and up to date.
AuthAnvil Multi-Factor Authentication
Strong authentication, password management and single sign-on are critical to modern security.
Kaseya AuthAnvil provides two- and multi-factor authentication – as well as the ability to encrypt all user passwords and the data as it is transmitted.