Five Recommendations for Improving Network Security

In May, we posted the results of our network protection survey, which looked – among other things – at best practices in companies that were highly successful at network security. In this post, I wanted to drill down into these best practices, and how to achieve them. Some of the recommended actions have the added benefit of positively influencing multiple outcomes, so organizations can benefit by prioritizing these actions first.

 

Recommendation #1: Get rid of departmental silos. Among survey respondents, there was a high correlation between those who reported the best results and those who enjoyed a high level of cooperation between network, security, and application teams. You may need to retain data silos to ensure privacy and security, but colleagues should be made aware of those limitations. Technology can be a great facilitator to enforce essential policy and remove artificial boundaries or silos that limit data sharing across groups.

 

Recommendation #2: Pay attention to operational realities. In network security and network operations (and probably most areas of the enterprise), technology alone will not alleviate certain realities about doing business. Technology must be part of a strategy to optimize processes and help people make intelligent, intuitive decisions based on information (not data) and enriched with the right context.

 

Recommendation #3: Prioritize based on risk analysis. Actions should balance risk and reward. That requires laying the foundation for intuitive decisions with information and context derived not from all data, but from the data required to provide a perspective on risk and impact on the business. Human beings should not have to correlate data themselves or use guesswork to determine impact. To prioritize properly, they must have as much aggregated context as possible (that’s why getting rid of silos is so important).

 

Recommendation #4: Be realistic about security staffing. Finding staffers who are experienced in three key areas – networks, security, and applications – is no picnic. Sometimes finding an expert in just one area is difficult. If you do find them, they’re likely to be expensive and in demand. That’s why it’s important to look for technology that reduces the need for adding staff with cross-departmental expertise and can augment existing staff with insight that would have required additional manual work or resources.

 

Recommendation #5: Automate routine tasks. Automation has value beyond avoiding mundane tasks and freeing people to make better decisions. It helps reduce delays and errors and identify incorrect or inefficient processes, while avoiding ad hoc workarounds. As survey respondents reported, automation institutionalizes tribal knowledge and allows staff to react more consistently when faced with certain situations.

 

Perhaps our key recommendation from the network survey is to remember that every solution encompasses people, process, and technology. Overreliance on any one is hardly ever the right answer or approach.
