Whether it is a multi-vendor solution or a single technology, it is essential that there are features that show the source of the attacks
Rodrigo Alabarce*
We all know that companies need a large technological apparatus to carry out their activities and processes. It includes a high-performance network infrastructure, operating systems, cloud storage and, especially, Internet access. And it is precisely because these systems are so heavily scanned that malicious attacks aimed at information theft are becoming increasingly frequent in the corporate market.
Here in Brazil, issues such as users' lack of knowledge about security systems, coupled with ineffective laws for punishing cybercriminals, already place the country among the first in Latin America in number of attacks. In view of this, it is essential that companies concern themselves with security solutions and invest in technologies that prevent attacks on the computer network.
From my experience in information technology, on average, seven out of every ten companies have some professional concerned with security. This professional usually works in the IT field and does not have security expertise, so he relies on the best practices on the market to make information security decisions in his network environment. The fact is that what is good for one company is not always good for others.
When it comes to information security, you have to hire real security. This does not simply mean buying solutions, but rather carrying out a deep analysis of current business needs. This is because there are factors that interfere with a project's progress, for example, when the company uses equipment from different suppliers to assemble a solution.
This happens because, in many cases, the security-focused solution is built by different professionals who join the company but are soon replaced. In order to improve performance or scale the equipment, they acquire and integrate equipment from several suppliers. This is also a good alternative for acquiring technologies at more competitive costs, but these devices may not work very well together.
In this case, it is necessary to look at the performance of the environment and evaluate whether the project is well designed and whether the configuration is aligned across all technologies, avoiding problems of slowness and failure to trace information, factors that open the way for an attack to be successful.
Attack monitoring
When integrating information security solutions, whether the solution is formed by several suppliers or by a single technology, it is essential that there are functionalities that show the origin of the attacks. With this visibility, it is possible to extend the company's protection possibilities.
But a big problem in the information security market is that, even when working with technologies that give visibility to avoid cybercrime, few companies manage the reports offered. A daily scan would allow the source of an attack to be traced and a solution to be identified in a short time, avoiding the loss of corporate information.
Ideally, companies should do this monitoring via a Security Operations Center (SOC), to detect security incidents, or have their own personnel to analyze the claims. The security equipment (firewall) sends an email warning about the intrusion, but if no one is aware of the reports, the malware will go through the network and the attack will happen.
With threat analysis, the company intensifies and accelerates its security process. In addition to identifying the attack, it is critical to act through a proactive team, which moves forward when an attack is detected. For example, if an e-commerce site is attacked with the aim of taking it down, and the system shows that the attack has reached the database level, it is possible to interrupt this database and activate the contingency plan to maintain the integrity of the system database.
Combining adequate, well-configured technologies with the dynamic performance of IT professionals will help your business reduce the time between detecting an attack and solving the problem. This model will only be effective if your company's priorities include an information security plan that counts on prevention through constant monitoring of updates and of technology performance.
*Rodrigo Alabarce is CEO at Nap IT.