Architecting for Smart Security
You can tell when a building has had the benefit of a smart architect. Everything about it shows forethought. It just works. One of my heroes, William Krisel is noted for making Modernism livable and affordable. But what’s more important is his philosophy: that the indoors and the outdoors should be inseparable. I see security the same way. Forethought, visibility, and a 360-degree approach.
This week, we’re launching a new security architecture: IxSecure. At the heart of it is the argument we can no longer rely solely on good defense to secure our businesses, and the resources to back it up. Attacks get launched because someone identifies a vulnerability, and vulnerabilities come from exploiting defects. A 360-degree approach to security is about finding and fixing vulnerabilities earlier. IxSecure is about driving security offense as much as defense. Not only does it reduce your vulnerability; it also ensures that if there is a breach, you can minimize the cost to remediate with early detection.
The later you wait to resolve a defect, the more it costs to fix. According to research conducted by the Ponemon Institute, resolving defects in a live system can cost 90 times more than fixing them in development.
We all know that market pressures can sometimes drive businesses to rush to market prematurely. We’ve gotten used to the idea of beta releases and sadly, fixing on the fly has become acceptable. But from a security standpoint, this can be a costly shortcut. By the time your application has tens of thousands of customers, implementing fixes becomes way more complicated. And threats become a much bigger problem.
So what’s the solution? Laying a foundation that integrates products and services to address four major challenges throughout the security lifecycle: develop, train, monitor, and defend. When you take this approach, you end up with greater security, yes, but also better visibility, which leads to more efficient and effective operations.
Businesses that don’t think about security from a 360-degree perspective often end up throwing one defensive product after another at the problem and end up with something akin to The Winchester Mystery House: a mansion built without an architect or plan, with staircases that go nowhere, windows that face walls, etc. You get the picture.
Whatever your style of architecture, if you want it to be secure, you can’t just have a partial view. Learn about the Four Pillars of Security in Ixia’s IxSecure Architecture. And, if you happen to be at RSA next week in San Francisco, stop by our booth at RSA--3201 North Hall.