ITNewsAfrica logo

linkedin   twitter icon   facebook


Does Wi-Fi network compliance equal corporate data security?


JOHANNESBURG – August 08, 2017 – If a network is compliant with regulations, does that mean it’s secure? Unfortunately for both IT professionals and businesses, it does not.

“Compliance is not security, but security can be compliant – with a set of requirements and guidelines that ensure data is confidential to authorised users, has integrity, has not been changed or modified, and is available on demand,” says Anton Jacobsz, managing director at Networks Unlimited, an African value-added distributor of NETSCOUT solutions across the continent.

He adds that compliance is about making choices to implement security controls in an organisation aimed at keeping data safe and secure, but also available. “After all, critical data, like customer lists and corporate secrets, would be useless if it were not available to your employees.”

“To protect it data, first put on your Hollywood screenwriter's hat and think of all the bad things that could happen to the data, the devices it resides on, and the networks that carry the devices. This process is designed to identify risk and build a set of requirements that will mitigate it – in a threat model,” continues Jacobsz.

Threat modeling identifies resources of interest to hackers and thieves and brainstorms the feasible threats, vulnerabilities, and available security controls. TechTarget defines it as a procedure for optimising network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system. In this context, a threat is a potential or actual adverse event that may be malicious (such as a denial of service) or incidental (such as the failure of a storage device), and that can compromise the assets of an enterprise.

“Yes, assume there will be attacks, because you need to make data available for use, and that one or more attacks will be successful,” highlights Jacobsz.

He further points out that if you look at security as a process, it becomes a series of battles where you will win some, lose some, and hope you don't lose a lot. “Otherwise, you will be out of data and out of business in a short period of time,” states Jacobsz.

Some guidelines for managing and securing mobile devices in the enterprise are for IT to restrict access to hardware and software; manage wireless interfaces, monitor and report exceptions; require authentication to access company resources; and restrict app installation.

To meet the above goals, it is recommended to first identify the devices that an organisation intends to support in terms of their features, such as: network services including cellular, wireless, Bluetooth and Near Field Communication; and built-in vs. non-removable storage. Also consider external, removable storage (Flash memory, USB) and digital cameras.

Then, build a threat model for worst-case scenarios, followed by a compliance policy to combat these, such as: use of untrusted networks, interaction with untrusted systems, use of untrusted content over the network, and use of global positioning system and location services.

“We have realised that organisations across Africa are faced with the challenge of developing a WiFi compliance policy. NETSCOUT’s AirMagnet solutions in the region can however play an active role by enabling detection, planning, compliance monitoring and troubleshooting of all smart devices, thereby successfully harmonising BYODs into an organisation’s IT, governance and security infrastructure,” concludes Jacobsz.

For more information, please contact John Hindley, NETCOUT business unit manager at Networks Unlimited: john.hindley@nu.co.za.

About NetScout Systems, Inc.
NetScout Systems, Inc. (NASDAQ: NTCT) is a market leader in real-time service assurance and cybersecurity solutions for today’s most demanding service provider, enterprise and government networks. NetScout`s Adaptive Service Intelligence (ASI) technology continuously monitors the service delivery threats, helping teams to quickly resolve issues that can cause business disruptions or impact user experience. NetScout delivers unmatched service visibility and protects the digital infrastructure that supports our connected world. To learn more, visit www.netscout.com.

About Networks Unlimited
Networks Unlimited is a value-added distributor, offering the best and latest solutions within the converged technology, data centre, networking, and security landscapes. The company distributes best-of-breed products, including Arbor Networks, Fortinet, F5, Mellanox, ProLabs, Rackmount, RSA, Rubrik, Silver Peak and Tintri. The product portfolio provides solutions from the edge to the data centre, and addresses key areas such as cloud networking and integration, WAN optimisation, application performance management, application delivery networking, Wi-Fi-, mobile- and networking security, load balancing, data centre in-a-box, and storage for virtual machines.

Since its formation in 1994, Networks Unlimited has continually adapted to today's progressively competitive and evolving marketplace, and has reaped the benefits by being a leading value-added distributor (VAD) within the Sub-Saharan Africa market. Networks Unlimited complies with the South African Broad-Based Black Economic Empowerment (B-BBEE) guidelines as a Level 4 Contributor.

Networks Unlimited, Chriselna Welsh, +27 (0) 11 202 8400, chriselna.welsh@nu.co.za
icomm, Debbie Sielemann, +27 (0) 82 414 4633, debbie@pr.co.za, www.icomm-pr.co.za




ITNewsAfrica logo

Download Button