Dan GriffinWelcome to the 25th edition of the JW Secure Informer, our bi-monthly newsletter. This is an opportunity to share what’s on our radar, specifically with respect to enterprise network security, but also regarding IT and business more generally.

The Informer is intended to be useful content and good for a quick read. So if it’s just clutter in your inbox, we’ve failed, and I hope you’ll let us know.

Secure the Endpoints, Secure the Network

Building a house is like building any large project: it’s created from subassemblies, and those subassemblies are made from smaller pieces.

It’s the same with network security: a complex network can be protected by securing the subnets, and the subnets can be protected by securing the individual endpoints. So, while securing the network of a multinational corporation or a battlefield or any other mission-critical network is definitely a daunting proposition, it can be done—as long as you do it systematically, brick by brick and node by node

JW Secure imagery of building blocks gone awry.

Even with that, heterogeneous devices can make the job of an IT security pro challenging. It’s like building a house using bricks of all shapes and sizes instead of adopting one uniform standard. The difficulties multiply.

Conflicting specifications are common in IT. After all, many different types of computer network nodes exist—from firewalls to Windows® Surface™ RT. Each device type has different security features and management capabilities. The good news is that each device also has a list of best practices describing how to configure and operate it securely. And—more good news—unlike just a year ago, the latest consumer devices now in the workplace are increasingly being built with enterprise-friendly security capabilities.

By configuring each type of network endpoint to the best of its security capabilities, we can achieve a reasonably high level of security across the network.

In the pursuit of that goal, however, don’t miss the forest for the trees. If you exclusively focus on the individual network endpoints, you may overlook opportunities to treat the network holistically. An example of a big-picture opportunity to protect the network is Security Information and Event Management (SIEM) and systems used to monitor a network for illegal activity. By getting caught up in the widely disparate capabilities of the node types that need monitoring, ways to aggregate reporting can be missed.

Securing a network is a complex task. Like building a house, it can require three-dimensional thinking. But the challenge is part of the reward.