NEWS
Securing Apps to protect Network
By VARINDIA - 2017-04-28
From the early age of computer technology, programs would support the work of teams within businesses, store data and documents on owned servers that were on-premise. The computation and storage of this data would be done through significant infrastructure on campus. Users could only access this data by being physically present at the work terminals. As companies began storing increasing amounts of valuable data digitally, IT security spend increased accordingly. Firewalls and antivirus programs protected information, keeping it safely locked up inside the office.
Companies migrated to web-based services, heralding the beginning of the work-from-home revolution. It empowered employees and reduced the need for storage and hardware, at a cost, of course.
App Revolution
During the last few years, with the advent of apps, we have seen a revolutionary change in the way business is conducted. Companies have witnessed raised efficiencies, unlocked potential revenue streams and go-tomarket strategies across the industry sectors. Apps also empowered the staff beyond the IT teams that were not specially trained.
There is an affinity to use apps that help people manage and streamline their day-to-day tasks. Many such apps include Workday for HR, Microsoft Office Suite for productivity, LinkedIn Sales Dashboard for lead generation and using a host of communication apps which are integral to the entire workload of teams and businesses.
In India, most people leapfrogged onto using apps for doing business, thus unlocking productivity and increasing efficiency. Indians are extremely comfortable in using apps for communication (WhatsApp messenger has a 91.72-per cent weekly active penetration rate). In fact, the top three apps in India are used for communication and networking. The speed and ease-of-use makes users opt for these apps while not realizing the exposure to the valuable data that resides there.
Securing New Perimeter
Nefarious operators have been quick to spot the opportunity that apps present. All those firewalls and password protected desktop computers are just not worth attacking anymore. However, apps present a much easier target, as security has been overlooked in favour of speed and user experience in the development stage.
The industry has long described the variety of security solutions needed as a castle protected by crenulations, a moat, a drawbridge, and anything else the business has the resources to invest in.
But if we are going to follow this analogy, the reality is the king has left the castle.
The data, identities and access that represent so much value for blackmarket operators are all outside the protective walls in apps.
Gartner revealed that 90 per cent of the IT security budgets are spent on protecting the traditional network perimeter, i.e. The castle. But 72 per cent of today’s security breaches are not within the traditional perimeter, they are due to compromised user identities and vulnerable applications.
Apps’ unique vulnerabilities
If you are part of the 60 per cent of people we asked in the 2016 State of Application Delivery Report who use 10 or more apps, there is a reasonable chance they will be vulnerable. Attacks such as SQL injections and TLS protocol exploits are particularly effective against apps.
WhiteHat Security reports that applications are regularly vulnerable 151–270 days a year in more than 50 per cent of cases. Consequently, for more than half of businesses, over half their applications are regularly vulnerable half the time.
Deploy an insecure application, and you risk breaches, regulatory fines, downtime, and damage to the business. Deploy an application with excessive security policies, and you increase operational complexity, leading to inefficiencies and loss of productivity.
To deploy applications with the right level of protection, without excess overheads, and as fast—or nearly as fast – as the business would like, you need to take the best parts of your enterprise security practice and fuse them with the flexibility of cloud deployment. This can help organizations defend their critical applications at the load-balancing level against sophisticated and numerous attacks.
With a heightened sense of vulnerability among companies in India, there is a growing demand for virtual security solutions. Designing hybrid environments ensures businesses’ applications are prepared from a security perspective, without compromising on efficiency and speed.
Security services must be deployed as part of an integrated system that deploys all of the application delivery services required. This means different security policies are matched to the requirements of different applications. It balances protection with agility, giving businesses and end-users the operational efficiency required in this app-driven world.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.