Top seven in 2007 #2: resolutions for IT security managers
Vernier Networks issued a list of “Top Seven in ’07” IT security predictions and resolutions to help IT security managers improve overall security and increase enterprise-wide control and compliance. List of their predictions is located here.
IT Security Managers’ Top Seven in ’07 Security Resolutions
1. IT will assess its overall security by deploying end-to-end security-risk management solutions that monitor perimeter, datacenter, network-infrastructure and endpoint-security risks and vulnerabilities.
2. IT will gain complete visibility into all internal network activity by employees, guests, contractors, and business partners. The visibility must be continuous, identity-based and highly detailed. Further, IT will be able to detect and monitor network activity, application usage and content exchanged to prevent the loss of corporate information such as trade secrets, customer information and intellectual property.
3. IT will deploy an extra layer of security inside the network to secure IT corporate assets from unauthorized access, as well as the internal proliferation of spyware and malware.
4. IT will develop and enforce corporate endpoint-security compliance systems to ensure that end-user devices comply with security policies prior to being granted network access.
5. IT will automate its security operations allowing it to block attacks and intrusions in real-time without having to resort to lengthy and expensive forensic and log-management solutions to detect attacks after they have occurred.
6. IT will implement corporate-wide security dashboards allowing organizations to correspond endpoint-security posture with detailed network-usage telemetry data based on identities stored in corporate directories, such as Microsoft Active directory.
7. IT will start planning for the internal usage of IPSEC VPN solutions, especially with the adoption of Microsoft Vista. Security solutions will be aggregated at VPN termination servers strategically deployed within the network switching fabric. Network Access Control appliances will be used as the platform for internal security policy enforcement for VPN and traditional clients.