Security / May 4, 2017

Overcoming the Human Factor with Visibility-centric Security

In the American Housewife episode titled “The Walk,” a couple is struggling to let their 8-year-old child walk three blocks to the library alone. Yes, it’s a scary thought, but there comes a time when all parents have to learn to let go, when they realize they can’t be there at every instant.

In the show, the couple resolves the challenge by employing a drone to have the necessary visibility and control over their child’s environment and actions. Rather than sequester the child or assign a parent to her every move, which isn’t feasible, they replaced prohibition with granular visibility. By now, I know you know where I’m going with this…

Companies Face a Similar Visibility and Control Challenge

The most important vectors of security breaches are company employees. As revealed this week in the Dtex Systems Insider Threat Intelligence Report, 60% of all attacks are carried out by insiders and, of those, 68% are committed by simple negligence. The report also showed that a staggering “95% of enterprises found employees actively seeking ways to bypass corporate security protocols.”

In other words, when employees perceive internal policies to be limiting their ability to do business, more often than not, they will disregard those policies or find a way around them. For instance, they may use ToR or VPN to dial into another network and download risky content from a suspicious website. That “way around” is where the threat is: either employees have inadvertently leaked data or malware will find that exploit and infect the network.

Such behavior is extremely widespread. How many employees – even us security professionals – have checked their personal email from a corporate device? How many employees have loaded a corporate presentation onto a personal thumb drive to share with a colleague?

The Shortcomings of Prohibition-based Security

For the past 20 years, our more common method to ensure network security has been a prohibition-based approach. Inspecting, identifying, and eventually blocking packets. Limiting what comes and goes in our environment. Blocking the access to certain websites, deactivating USB ports, restricting the utilization of printers, segregating networks, etc.

Just like these sitcom parents who could not walk their kid around all the time, it is impossible to have someone regulate every packet in detail. So we slap a policy – manually or automatically generated – and we block specific behaviors.

Visibility-centric Security: Trust but Verify (and Control)

We want employees to succeed, but, like watchful parents, we also want to keep them and our companies safe. We can’t just take away functionality without providing employees with an alternative to get their job done. They will find a way to go around limitations for the simple reason that they are graded on their output and not on their compliance with internal policies.

For employees to become more productive without jeopardizing the security of their company, they need to be allowed to do more with the network, they need to achieve more with the tools that are available to them. We must substitute our prohibition-based approach with visibility-centric security:

  1. Trust: Let employees engage. Scale back over-encompassing security policies. Define alternative protocols that are easy to carry out and don’t encumber employee success. Train employees to help instill safe behaviors into your organization.
  2. Verify: See more to secure more. Visibility is an essential complement to trust: We can’t trust without the ability to verify that security protocols are being followed. Know what happens—anywhere—on the network.
  3. Control: Visibility-centric security brings better, more granular control. Instead of a blanket policy that would get in the way of your employees’ ability to conduct business, because you can see the context surrounding problematic behaviors, you can apply intelligent automation and have more detailed policies that will give your employees the freedom to be more productive while keeping your network safe.

Visibility into network traffic enables a more granular understanding of at-risk employee behavior. With more granular policies, it’s possible to retain control by helping to ensure that network security is not in the way of employee productivity—and, therefore, not fostering a disregard for internal policies.

This is the exact value of a visibility platform like GigaSECURE. It offers network security that no longer limits employee productivity because you can see the traffic on the network, and make more granular decisions about that data. With more freedom, employees can become active participants in your company’s success while staying true to your company’s security protocols.

Back to top