Singapore’s Internet cutoff (and the resounding silence from the industry): Page 2 of 3
By Benjamin Cher June 16, 2016
Security and the air-gap myth
Segmenting networks for security is a measure that hails back to the 1990s, when putting a so-called ‘air-gap’ between systems was actually feasible.
However, does such a measure have a place in today’s digital age, or is this a case of yesterday’s solution for tomorrow’s problem?
“There are solutions to security issues that overcome challenges presented by users, without needing to block access to the outside world,” said Avaya’s Spence (pic above).
“One way that organisations can cope with increasing threats to security is through software-defined networking (SDN).
“SDN can help organisations secure their networks and keep hackers at bay through a variety of methods,” he added.
According to Spence, these methods include:
- Micro segmentation: SDN would allow organisations to split the network into secure isolated zones. An attacker, whether and external hacker or even a disgruntled employee, would not have access to any network services outside of their allocated zone.
- Stealth networking: SDN allows the entire network between source and destination to be hidden, and attackers probing your network would only see a black hole instead.
- Dynamic network workflow automation: SDN’s inherent simplicity and openness, argued Spence, present the opportunity to design an automated workflow that is put into motion once triggered. As an example, the network can detect that a contractor’s laptop in one of the bank’s offices is transmitting some suspicious traffic patterns. It can automatically create and move the machine into a new quarantine zone to put it under full forensics, pull in the CCTV cameras of that area, and put the administrators remotely on the same video call so they have full eyes on the attacker’s location.
“We are moving to a new age when attackers are constantly finding innovative ways to penetrate security layers. Although security solutions are also advancing to keep up with the next cyberthreat, it is hard to predict where and how the next attack will take place,” said Spence.
“However, each organisation has the responsibility to weigh the threats against the benefits of a connected economy, and make a decision that results in the best outcome for stakeholders,” he added.
Meanwhile, Justin Chiah, director and general manager of South-East Asia and Taiwan at Hewlett-Packard Enterprise’s Aruba, noted that employee productivity is tied to having ready access to the necessary organisational tools and applications.
However, he also noted that “government organisations, like private firms, have the arduous task to uphold data integrity.”
“It is with this best intention that each will aspire to put in the right security framework to facilitate rigorous data protection strategies, technologies and policies to protect confidential data and intellectual property,” he added.
SAP’s Rushworth also noted that other institutions have already adopted measures similar to the Singapore Government’s move.
“As security is in the vital interest of governments, businesses and individuals, every organisation should view this in terms of their risk management priorities and nature of operations,” he said.
“In fact, such a measure is already in place in institutions that deal with high volumes of sensitive data, such as the banking and finance industry. Such institutions typically limit employee access to the Internet, or they restrict Internet access to only specific roles,” he added.
This is not a panacea to cybersecurity problems, acknowledged Rushworth, stressing the need to refine policies.
“The Government has taken a unique approach to deal with a unique challenge it faces. Still, we have to bear in mind that such a measure only solves part of the cybersecurity problem, and is not a cure-all to all threats,” he said.
“As security technologies continue to advance alongside with the growing threats, we are certain that the Singapore Government will continually refine and improve on its policies,” he added.
Cybersecurity vendor RSA Security believes that ultimately, identity and access management would be more effective than a complete cut-off.
“The proliferation of smart devices, complemented by the adoption of the cloud, means that employees are increasingly mobile and that they can access company resources at anytime, anywhere, from devices like smartphones, tablets and laptops,” said Michael Lee, RSA Asia Pacific & Japan security evangelist.
“In terms of cybersecurity, we believe the ideal approach would be to account for people, processes and technology,” he told DNA via email.
“Just as identification is necessary for entry into certain facilities, ensure that the proper identity and access management controls are set up so that the rightful have access to corporate resources when the data needs to extend beyond the organisation’s network.
“For an organisation’s administrators, being equipped with visibility and analytics into the digital environment and to the movement of high-risk data assets through the network, can provide perspective into understanding if it’s a business-as-usual operation, or the work of a potential attacker.
“The ability to make a swift and appropriate response to prioritise the most effective action to take is key to ensuring organisations aren’t distracted by ‘nuisance’ intrusions while a potentially damaging event occurs,” he added.
Aruba’s Chiah (pic) also noted the proliferation of devices and increasing consumerisation of enterprise IT assets.
“But it is not about the number of devices per se, but how an organisation looks at providing a security framework that adapts to this trend.
“In fact, with the Internet of Things (IoT), the number of devices will increase exponentially. The key here is to build a security framework that adapts to this possible eventuality,” he added.
Next Page: Wait, what about smart government and engaging with the people?