INDUSTRY
VERTICAL
With Francis Lachance
Being Connected Examining why closed-network systems are not immune to cyber threats
aInd how cloud services add layers of security to minimize risk
solated corporate applications and infrastructures are becoming a thing of the past. That’s because trends such as bring-your-own devices (BYOD), internet of things (IoT)
and cloud services are compelling busi- nesses to become more connected. Now more than ever, IT departments are look- ing outside their environment at solutions that could lower costs and take the strain off their resources.
However, in the physical security in- dustry, one common myth is still holding some decision-makers back: it’s the idea that keeping on-premises systems on closed networks is more secure. This article will not only help to debunk this false belief, but also show how companies can further enhance the security of their on-premises systems by connecting to the cloud services with built-in security mechanisms.
Why a Closed Network Doesn’t Protect Your Systems from Threats
The security of corporate data is critical to the integrity of operations. Yet, everywhere we turn, it seems like another company has become victim to some form of cyber threat, malware or ransomware attack. As more breaches occur and attract interna- tional press attention, fear grows, leading many to believe that opening up a network to external applications makes an organiza- tion more vulnerable to a cyberattack. This mentality is no longer accurate or true. In fact, many might be surprised to learn that a significant percentage of these breaches actually come from internal sources— whether unwitting or on purpose.
Last year, a data exfiltration study done by Intel revealed that “Internal ac- tors were responsible for 43 percent of data loss, half of which was intentional, and half accidental.”1 Another report from Forrester called, “Understand the State of Data Security and Privacy,” found similar results.2 The study indicated that almost 40 percent of breaches came from
inside a company, and that accidental and malicious intent was equal.
This data tells us that on-premises sys- tems with closed networks are not entirely immune to threats. An employee can acci- dently open a phishing scam email and un- leash a virus on a closed network. Or, a visi- tor could maliciously connect a USB stick to a computer with the intent to steal data or take down systems and halt operations.
Even when facing external threats, vulnerability often stems from systems that have not been updated with the lat- est fixes, or from passwords that have not been changed in months. For example, in the security industry specifically, many businesses unknowingly leave themselves vulnerable to hackers or prying eyes by
not changing the default passwords on new video surveillance cameras.
While many believe that opening their network to cloud services might welcome greater risks, these studies and common mishaps suggest otherwise. Lack of em- ployee education or defined cyber security policies, gaps in physical security and in- sufficient system maintenance contribute to the greatest number of threats.
How Connected Applications are Shaping Up to Be More Secure Cloud is not all or nothing. Cloud ser- vices can be added to complement an on-premises system and its infrastructure. This can include using cloud applications
12
0817 | SECURITY TODAY
one photo/Shutterstock.com