From SimplySecurity.com/Trend Micro
One of the most enduring maxims in the IT security world is the notion that the next threat facing your organization could always be lingering just around the corner. As a result, vigilance has become synonymous with diligence as administrators must now proactively seek out and guard against network and data security dangers around the clock.
The good news, according to the latest analysis from Enterprise Strategy Group (ESG), is that companies are starting to acquire and implement the technologies and policies that can help bridge the gap between capabilities and expectations. In a recent survey of 315 U.S.-based enterprise IT security professionals, researchers observed a “dramatic” increase in the adoption of continuous monitoring strategies.
Overall, three out of every four responding organizations now have a formal risk management program that accounts for the continual measurement of network changes, such as the introduction of new enterprise assets or potential vulnerabilities. According to ESG, more than 40 percent of those companies now perform such proactive analyses daily.
“It makes a lot of sense to constantly examine how well your defensive infrastructure is actually performing, as the complexity of layered security, combined with the effect of daily change, makes it hard to assume any level of protection if you don’t,” said ESG senior principal analyst Jon Oltsik. “For many years people have done sporadic testing for compliance purposes, but what they’ve found is that by testing far more often and aggressively, they can reduce risk faster and get more out of their available resources.”
Not surprisingly, the expansion of continuous monitoring protocols was paralleled by a rise in the number of companies leveraging automated solutions in their network environments. More than half of those responding to the ESG survey indicated they now automated remediation tasks such as firewall management.
The mobile imperative
Mobility has been shading nearly all enterprise IT conversations in recent months, but rarely is its presence more important than in discussions of network monitoring. Whether or not a company has authorized a formal BYOD (Bring your own Device) programs, chances are employee-owned smartphones and tablets are accessing corporate networks and utilities. According to eWeek, even simply authenticating devices and sorting false alarms from legitimate threats can be an exhausting task for the average enterprise IT department.
As a result, companies may be better for taking out an insurance policy in the form a two-track approach to mobile device management. While establishing visibility over all the devices accessing your network is essential, more companies are starting to realize a focus on data protection and containerization may be a more sustainable approach.
Leave a Reply