Security Think Tank: Creative thinking key to meeting emerging security challenges

The concept of a clearly defined network perimeter, with controls deployed to defend against unauthorised access, is becoming obsolete.

An increasing number of employees now work remotely, with their physical location of little relevance to the business or people with whom they are collaborating.

Other developments, such as cloud computing, have hastened the displacement of network boundaries, and while these new ways of working increase productivity, they pose difficult questions for security practitioners.

The idea of a strong front door, with everything behind it being secure, does not apply in a perimeterless network, meaning visibility and administration of internal network infrastructure is crucial. These two key processes have been simplified in recent times by the development of software-defined networking (SDN), a centralised approach to configuring, controlling and operating networks.

SDN’s centralised nature provides a more efficient application of security policies, with greater visibility allowing for better network segmentation. This gives greater control of any rogue code that might enter the network, enabling it to be quarantined, diverted for analysis or generally limited in its opportunities to propagate.

Another benefit of SDN is the enhancement of network monitoring, thus enabling better anomaly detection.

While SDN can limit malware infections to a particular segment, this may not stop the rogue code from affecting important services therein. Containerisation, the execution of applications within a virtualised operating system, can help limit these effects. Each application is self-contained, meaning rogue code should not be able to access other applications or data on the same physical or virtual machine.

Due to the agile nature of containerisation, applications can be replaced quickly while the rogue code is quarantined within the containerised application. Should the rogue code attempt to access, exfiltrate or modify data, more traditional controls can be implemented, such as encryption, to help retain the confidentiality and integrity of information assets.

Perimeterless networks and zero trust security represents the future for some very large organisations, with Google’s BeyondCorp initiative being a good example. The removal of a defined network boundary poses a range of new challenges for security practitioners, particularly as business models and the threat landscape evolve.

Creative thinking becomes ever important as solutions to such challenges may be found in both traditional controls and new developments not intended as security solutions, such as SDN.