Overlooking the security of your organization’s technology core
Due to the impact of COVID-19, workforces that were once housed in distinct locations, are now dispersed across the globe. Despite this displacement, it is critical that work continues as if employees were all in their physical office spaces and able to access and use applications, data, and services at all times from anywhere in the world. As such, the network is the foundational technology that allows organizations to perform efficiently on a daily basis among this dispersed workforce. Network Infrastructure[1] spans multiple hosting environments, fixed and mobile devices, and several forms of IT infrastructure, all of which enable different aspects of an organization's business to work together. However, just as networks are a key enabler for such disruptions, they have also become a larger source of extended risk.
Network Susceptibilities
In an effort to adapt to remote work, organizations have pushed to undergo digital transformation efforts to allow employees to work as effectively and their business to run with as minimal drawbacks as possible. Knowing this, hackers are now seeking out newly susceptible areas to attack. As a result, organizations must now focus security teams on many additional areas across their IT landscape to identify and protect against potential vulnerabilities. With this game of catch up and new issues continuously surfacing, especially with large moves to the cloud and supporting a distributed workforce, there remain security gaps within an organization's network which are usually overlooked.
Organizations are also beginning to employ automation capabilities in other aspects of their IT departments, but they often settle with their current legacy network because it is “good enough”. However, “good enough” is exactly what hackers are looking to target, especially when even the most protected networks can be breached. For example, Universal Health Services, one of the largest healthcare providers in the United States was hit by a ransomware attack. The attacks began with phishing, and hackers were able to find a vulnerability in the network configuration, leading to full domain-wide encryption in just five hours. As a result, some hospitals had to resort to filing patient information with pen and paper - an extremely tedious task, especially during a pandemic.
Automating the Network
Limiting the growth of the network and settling for “good enough” can lead to IT personnel shortages, human-introduced errors, and constant patching and updating of devices through manual efforts. To get a better handle on each, organizations need to consider network automation.
It can seem like a daunting task that may displace talent; however, it can empower network engineers and free their schedules to lead new innovative strategies as organizations increase their digital transformation efforts. All the while, human touchpoints are reduced, helping to mitigate human-caused vulnerabilities without slowing down business innovation and performance.
As security vulnerabilities are exposed within a network device's Operating System, IT teams must also rush to upgrade these devices, in order to prevent hackers from exploiting the vulnerabilities - which could be in the hundreds or thousands. Keeping things manual and avoiding automation could take months to address these risks, leaving the organization even more exposed to an attack. Automating this process will close this gap and help IT teams to address these threats in days or weeks instead of months or even years.
By reducing human touchpoints, organizations reduce human error and cut down the time it takes to fix issues within the network. Network engineers and security professionals will be empowered to handle other more prominent issues within their technology landscape, keeping distributed employees working as normal and properly extending the digital transformation journey with limited risks. This can only be done by introducing automation into a network. In this time of dispersed, remote workforces it is essential to shore up security vulnerabilities, and in doing so, organizations can break away from the risks a “good enough” network creates.
About the author: Rich Martin is a Senior Technical Marketing Engineer at Itential. Previously, Rich has worked with several networking vendors as both a Pre-Sales Systems Engineer and Systems Engineering Manager but started his career with a background in software development and Linux. He has a passion for automation in the networking domain, and at Itential he helps networking teams to get started quickly and move forward successfully on their network automation journey.