From the Core to the Cloud, See it All

Simplify, secure and scale your hybrid cloud infrastructure to accelerate digital innovation.

LEARN MORE

CLOUD VISIBILITY

GET A DEMO

DATACENTER VISIBILITY

GET A DEMO

NETWORK SECURITY

GET A DEMO

INDUSTRY

A Thriving Partner Ecosystem

Gigamon reseller and integration partners design, implement and optimize best-of-breed and validated joint solutions.

FIND A PARTNER

NOT A PARTNER?

ALREADY A PARTNER?

Proven Support and Services

Our global support team is committed to creating experiences of unmatched quality, scalability and efficiency.

MY GIGAMON

OVERVIEW

GET SUPPORT

COMMUNITY

Customer Success

Our global customers are empowered to transform their businesses and innovate with the power of complete network visibility and analytics.

CUSTOMERS

ANU

Australian National University

Fosters a safer campus community with Gigamon.

cegedim

Cegedim.cloud

Improves cloud infrastructure and visibility.

 

department of defense

Department of Defense

Confidently feeds different tool sets in the physical and the virtual world.

Resource Library

Your one-stop hub to explore content resources to stay current on the latest in network visibility and analytics.

RESOURCES

Network Tool Efficiency Evaluation

Efficient Tools Are Happy Tools

Answer a few questions and get real-time insights.

def-guide

Achieve Hybrid Cloud Observability

Strengthen visibility and security.

ebook

Deep Observability eBook

Supercharge your tools with real-time, actionable, packet-level intelligence.

WHY GIGAMON

We are the first company to deliver a unified visibility and analytics architecture across your hybrid infrastructure to simplify, secure and scale IT operations.

LEARN MORE

IN THE NEWS

COMPANY INFORMATION

Deep Observability

Supercharge Your Security and Observability Tools

Without deep observability, you're exposed.

Great Place to work

Join the Team

Become a part of the OneGigamon team. Search for your next opportunity.

SHARE
Security / February 14, 2022

Data Privacy vs. Visibility: The Security Consideration

Adrian Rowley Adrian Rowley  

This article was previously published by Infosecurity Magazine.

Over the past two years, the pressure on businesses to digitally transform, meet changing customer expectations, and implement more agile processes has reached breaking point. And while organizations recognize the value of cloud adoption to combat these issues, it doesn’t come without its challenges. There are often concerns around the security of the cloud and uncertainty about data protection and privacy. Similarly, privacy concerns around the Internet of Things (IoT) continue to cause issues in industry. In manufacturing, for instance, new IoT devices are converging with process machinery that was never originally intended to connect to a wider network. Inherently, the security of these devices is far weaker than the modern alternatives.

To ensure protection in the cloud and IoT, deep observability into every part of the infrastructure is key. This includes a clear view into SSL/TLS encrypted traffic and TLS 1.3 encrypted flows. But what does this mean for data privacy? Can organizations gain observability into every asset and across entire networks whilst also complying with data privacy regulations?

Why Deep Observability Matters to Security

When embarking on digital transformation initiatives, organizations should be asking a number of critical questions: How do we ensure everyone can use the network securely; how do we migrate to the cloud while meeting compliance and security controls; how can we identify and mitigate security or network anomalies? If these considerations are not addressed, it will slow the process of migrating workloads to the cloud or integrating IoT devices, and it leaves a company vulnerable to breaches.

Deep observability is essential for bolstering security, not just in the IT world but also for operational technology (OT). Without a clear line of sight into all devices it is impossible to monitor (or protect) what you cannot see. Ransomware attacks are rife today because cybercriminals can easily penetrate a network and covertly gather intelligence for months before they deploy any malware. This technique is why blind spots represent such a security risk; cybercriminals are often present for weeks without being spotted. Therefore, gaps in visibility need to be eliminated. The key is finding a tool that can provide deep observability and actionable analytics while also keeping data privacy as a priority.

The Importance of Data Masking

SSL/TLS encryption is used commonly by enterprises as a central pillar of their cybersecurity strategy, especially as the majority of businesses are now working partially or fully in the cloud. However, this security measure has been turned on its head in recent years; while encryption previously existed to protect data from bad actors, it is now often leveraged by these criminals as a way to hold a company’s own data at ransom, or even to conceal malicious activity. In fact, in 2021, it was found that more than 90 percent of malware was hidden in encrypted traffic. Given the amount of encrypted data travelling across networks and the risk it now poses, organizations need a way to efficiently decrypt SSL traffic, share it with tools, and then re-encrypt it.

However, U.K. organizations are still required to comply with the General Data Protection Regulation (GDPR), which recognizes that certain data must be processed/stored to maintain confidentiality. Compliance to these rules is essential for every industry, while confidentiality is crucial for both the public and private sectors. Regulations in industries like healthcare and finance are particularly stringent and require that sensitive data must be protected, with penalties severe for non-compliance. This is where data masking comes in. Data masking effectively modifies sensitive data, so while it is structurally similar, it is of no use or value to those unauthorized to see it. This technique means that data is obscured before it is sent to security and monitoring tools, and therefore compliance becomes far easier as the sensitive data is never seen, processed, or stored. It also protects NetOps teams from being exposed to confidential data inadvertently, and it adds a level of data protection if monitoring or analysis functions are outsourced.

Data-masking tools are an essential part of network intelligence solutions and must be implemented in order to ensure organizations can comply with GDPR and data privacy regulations while simultaneously protecting themselves from cybercrime. While SecOps teams can only protect their network from what they can see, privacy and security cannot be at odds with each other. Instead, these elements must work in harmony to ensure data is always safe while allowing digital transformation initiatives to succeed.

Featured Webinars

Hear from our experts on the latest trends and best practices to optimize your network visibility and analysis.

CONTINUE THE DISCUSSION

People are talking about this in the Gigamon Community’s Security group.

Share your thoughts today

RELATED CONTENT

REPORT
2022 Ransomware Defense Report
GET YOUR COPY  Go
WEBINAR
Unlock Ultimate Hybrid Cloud Security: Join Nutanix for Insights
WATCH ON DEMAND  Go
REPORT
2022 TLS Trends Data
DOWNLOAD REPORT  Go
WEBPAGE
Suddenly, Ransomware Has Nowhere to Hide
TAKE A LOOK  Go
COMPANY
GET HELP
PRODUCTS & SOLUTIONS
POPULAR LINKS
  • ©Gigamon 2022
Back to top