The traditional firewall is no longer the cornerstone of your business security. Let’s say a fond farewell, because advances in technology and human behavior has rendered the traditional firewall as a side defender. It’s no longer the best and only strategy needed to form a solid information security plan. New technological advances, like cloud applications, are changing the rules of the game, leaving companies to form new strategies for their information security.
Why should we say goodbye to the traditional firewall? Simply, information isn’t transferred by these traditional avenues any longer. Information is not only stored on the company hard drive, instead employees are using more user-friendly applications to share and save data online. Say ‘hello’ to Google Drive and Dropbox.
Applications like Google Drive and Dropbox are taking the lead in being the favorite applications for employee information sharing. However by taking the information outside of the company, it can’t be protected by traditional means. With the rise of phishing campaigns on these cloud-based services, companies need to address how to keep data secure on the cloud.
The traditional firewall simply doesn’t consider cloud applications, and it doesn’t consider personal devices. We’re suggesting the employee mobile devices that are connected to the company E-Mail, or being used to transfer important files. Employees can even be found using public Wi-Fi to access company information, or using unregulated cellular data plans.
A recent Ponemon survey found that 81% of IT departments don’t know how much sensitive data resides on mobile devices and the cloud. When employees use these new applications to access company data, the firewall can no longer protect the data. The information is taken to new areas where the company actually has no defending capability. This shift in information storage and access will dramatically change the reimagining of data security.
How can we approach these changes in technology and adopt? Employees are looking to be productive at all times and have constant access to information. Unfortunately, this sharing of information often goes unnoticed by IT technicians, until a breach occurs. A company can simply place limitations on the employee by restricting company information to company devices and computers. In opinion, this is not the best way to go. By restricting employee productivity and limiting their usage of cloud and personal devices this can lead to employee dissatisfaction and anger. Instead, look for new security services and procedures to coexist with the areas that data is now being stored.
We don’t want to restrict employee productivity, so we look to establish other procedures and applications to protect company data. A centralized dashboard is the next step. This dashboard lets management see activity within the entire organization that will help management observe unusual patterns. This software allows the user to block access to data in real-time as needed, and remove access to encrypted files. These features must happen in the consumer cloud and be compatible with it.
Is the traditional firewall dead? It might not be in ashes, but changes in technology and employee behavior have prompted an important discussion on how to protect company data on cloud-based software and cellular devices. The perimeter security model is growing. It no longer includes the hard exterior, but it also includes the soft interior. Traditional defenses need to be evolved and reimagined for the issues discussed in this post. Companies have grown compliant with the general security defense model, because it’s easy and less costly. However with the large growth of web-based applications and internal networks, the traditional methods will need to be rethought. To be truly successful, an information security model should consider all internal and external factors, including people, cloud devices, cellular devices and the traditional firewall.