sb-au logo
Story image

Avi Networks: Using visibility to build trust

21 Mar 2019

Article by Avi Networks Australia and New Zealand regional vice president George Tsoukas

Trust is a fickle concept in IT security.

Users trust that applications are secure up until that trust is violated — like after a vulnerability is exposed or after an outage or breach.

In other words, trust is something IT professionals are acutely aware of, especially when they don’t have it.

Today, so many enterprises place blind trust in application security.

They trust cloud providers because the status page shows a green light, they trust that their policies are sufficient because the application is still available, and trust the network because packets are flowing.

But it’s what they don’t see that hurts them.

Even more importantly, enterprises are wanting to gain the trust of their customers, but are often found blindly defending themselves, making excuses for outages and pleading for forgiveness on social media platforms – simply because they can’t get to the root cause.

No CIO, or any executive, wants to be the focus of thousands of customer attacks on Twitter.

Security threats and vulnerabilities are usually discovered only after the damage is done.

IT teams then react to the security threat and spend days collecting and analysing information for a post-mortem.

Policies and procedures are adjusted, and they trust blindly that they have resolved the issue until that trust is violated again.

Rinse and repeat.

Security functions only as we define it to work, not as we intend for it to work.

This is why 25% of data breaches are tied to human error.

IT teams can take a more proactive approach to security by focusing on providing visibility into their applications, infrastructure, networks and end-users.

By capturing and analysing data in real-time, anomalies and threats can be detected and avoided before any damage is done.

While many traditional appliances in an enterprise stack sit at a strategic position on the network with access to critical data, they aren’t architected to leverage that data to improve visibility, troubleshooting, and security.

Modern application services solutions, built on software-defined principles, have the flexibility to capture and process this data across data centres and clouds.

While these next-generation solutions can enhance security with existing applications, they are absolutely necessary for microservices and container-based applications.

With the rise of technologies like Kubernetes and Istio, the visibility and security paradigm is beginning to shift.

Microservice applications can be distributed across hundreds of containers, each requiring unique communication and security policies.

Visibility, also referred to as observability, is a core tenet of modern application architectures for basic operation, not just for security.

Businesses rely heavily on applications and IT.

And as the number of applications and the complexity of these applications increase, operations teams can no longer rely on reacting to security threats.

They need to stay a step ahead and fast-track their root-cause analysis to get to the source of the issue in their infrastructure.

Modernising enterprises need to secure and trust their applications and infrastructure, but they can’t achieve this using tools and services that don’t give them the visibility they need to drive their application strategies and, ultimately, their business.

Story image
Okta, CrowdStrike, Netskope and Proofpoint create shared zero trust security strategy
Okta, CrowdStrike, Netskope and Proofpoint have joined forces to develop and launch an integrated, zero trust security strategy, stating that this is crucial for today’s digital and remote working environments.More
Story image
Report: Brute-force attacks feed on remote working vulnerabilities
A new report from ESET has detailed the extent to which attackers employ brute-force tactics to infiltrate remote desktop protocols.More
Story image
Phishers cash in on the COVID-19 pandemic - how to avoid being reeled in
As the crisis continues to play out, the onus is on the rest of us to remain on high alert, to ensure our systems and data aren’t infected with another kind of virus.More
Story image
Inteview: Mimecast security expert on why email attacks are more successful than ever
Techday spoke to Mimecast Australia principal technical consultant Garrett O’Hara, who walks through why security experts are becoming increasingly pessimistic about email-borne attacks.More
Story image
Australians ignoring cybersecurity policies in favour of productivity
Trend Micro has found that 67% of remote workers have increased their cybersecurity awareness during COVID-19 related lockdowns. However, despite greater awareness people may still engage in risky behaviour, the survey finds.More
Story image
IT pros report increase in security issues due to remote working
Security issues, IT workloads and communication challenges have all seen significant increases in the new remote working era, according to new research from Ivanti.More