VAR Panchayat

Cyber Security for Digital India

by VARINDIA 2017-03-21

A holistic approach to information security gives IT powerful centralized control over the management, access, and hosting of business-critical apps and data

Businesses put more on the table with every advancement in technology, so they have to effectively manage risks. As India takes steps towards a digital economy, the hacking targets go up exponentially. This fact is substantiated from the recent incident where 3.2 million debit cards issued by Indian banks were compromised due to a security loophole in the back-end infrastructure. In a separate incident, where millions of dollars were taken from banks when hackers broke into and gained access to SWIFT international transactions network, further highlights the fragility of the security setup in large complex ITenvironments.

A global survey by Citrix and the Ponemon Institute on IT security infrastructure found that 83 per cent of businesses around the world believe that they are most at risk because of organizational complexities,emphasizing the need to have a holistic look at the security posture. The results also found:

*79 per cent of respondents are worried about security breaches involving high-value information.

*The protection of apps and data is more critical than ever, with 74 per cent of businesses saying that a new IT security framework is needed to improve security posture and reduce risk.

*71 per cent say there is risk from their inability to control employee’s devices and apps.

As for planning for the future:

* 73 per cent say data management, 76 per cent say configuration management, and 72 per cent say app management are the keys to reducing the security risk over the next two years in building a new IT infrastructure.

*75 per cent say their organization is not fully prepared to deal with the potential security risks resulting from Internet of Things (IoT).

A holistic approach to information security gives IT powerful centralized control over the management, access, and hosting of business-critical apps and data. Organizations need five critical enterprise security capabilities to achieve complete coverage over what matters most:

1. Secure Apps and Data

As companies have expanded beyond headquarter locations to wellintegrated branch offices and overseas operations, access to corporate data has spread out.

For employees, third-party vendors and contractors, organizations must find a way to maintain appropriate levels of access to apps and data, keep information off endpoints, and monitor unusual activity to reduce security risk.

2. Secure Mobility

People are now accessing data in more places, often over untrusted networks, and often on personally owned devices where personal and business apps live side by side. All of this means a significantly increased potential for information loss or theft.

IT teams need to protect data and ensure compliance through a comprehensive enterprise mobile security approach that ensures technology and mobility strategy work together. With mobility, it is paramount to seamlessly deliver an unparalleled user experience and a comprehensive security coverage.

3. Data Loss Prevention

Intellectual property (IP) and other sensitive business data are prime targets for attacks. Information like trade secrets, customer records, business plans, and financial data are highly valuable to cybercriminals, state actors, hacktivists, and, in some cases, even malicious insiders.

IT and security teams need a proactive approach to security. By controlling data, and granting access to IP-based on each user’s needs while ensuring privacy, achieving compliance, thwarting attacks, and preventing data loss or alteration.

4. IT Compliance and Governance

Ensuring compliance is an important part of meeting legislative mandates and protecting your organization, but establishing sound policies, enforcing them, and monitoring are no longer enough.

Satisfying information governance demands takes centralized control, systematic logging, reporting, and auditing processes that are thorough enough to track users across apps and data, yet flexible enough to address emerging regulations and standards.

5. Business Continuity

Disruptions are inevitable, but they don’t have to slow your business. A well-designed business continuity plan that includes IT service continuity and workforce recovery will ensure the people running your business can remain productive. It also helps protect you from financial losses, damaged reputation, lost productivity, and weakened customer and partner relationships.

Organizations are increasingly looking to shift focus on securing their most important business assets – applications and data – looking to both simplify and strengthen security without compromising productivity.

From a technology perspective, there are five areas where IT teams should focus their efforts to improve the overall security posture of their organization:

1. Identity and Access

Up-level the enterprise security beyond user names and passwords by controlling access, authentication, and authorization to your apps, data, and network for employees and third parties.

2. Network Security

Protect the network and provide encrypted delivery of apps and data while ensuring 100-per cent uptime and performance. Technologies like software-defined WAN and intelligent application delivery controllers are leading charge in this space by helping organizations achieve security, Cyber Security Framework compliance, and risk mitigation through secure remote access, network segmentation, and access control.

3. App Security

Take control at the application level. Centralize your apps in the data center or cloud, and provide secure access regardless of device. This helps you protect sensitive business information and defend against zeroday and denial-of-service attacks.

4. Data Security

Secure enterprise data in the data center or cloud instead of on endpoint devices. Containerization, data encryption, and secure file sharing can reduce the risk of leaks and attacks, including on mobile devices, while helping ensure regulatory compliance.

5. Monitoring and Response

Advanced monitoring tools give you full visibility into your IT infrastructure. Detect threats, misconfigurations, and performance issues so you can respond fast and avoid user interruption. Comply with regulations and reduce the scope of security and compliance audits.

The modern enterprise workforce calls for deep, comprehensive security to keep data and applications safe no matter how people work – any location, any device, any access method. Best practices for security encompass identity and access, network security, application security, data security, monitoring and response to ensure both protection and productivity in every application/data access scenario.

The Citrix platform provides a unified approach to application, data and network security across the environment. Security has always been the core capability of Citrix, with security being ubiquitous across all the product offerings. With the increased use of mobile devices and BYOD, employees can now access corporate applications and data from their own devices both within and outside corporate network securely.

Citrix enterprise security solutions can protect your data, application and network as attacks of all kinds get more sophisticated. As more people need to access information from both inside and outside your corporate network, the need for the secure delivery of business-critical apps and data has never been greater.