While 20 percent of the connections to a network are unknown, despite the investment of millions of dollars in security technology, it is critical to identify all connections within an enterprise. This 80-20 rule requires a premier discovery solution, one that will define a network perimeter and validate that unknown connections do not exist. Performing this audit starts with “fact-based' compliance reporting that provides continuous monitoring and shows that protective measures are in place involving sensitive corporate and individual data. This process automates audit reporting on a network's infrastructure, allowing companies to configure their IT policy guidelines to meet specific conditions and threats.
For example: The exponential increase in the use of connected devices, distributed management environments and changing circumstances – all of these events underscore the necessity of leaving nothing to chance. In other words, 20 percent of a network cannot be left unguarded. There must be continuous monitoring of security controls and comprehensive cyber situational awareness. These are the very building blocks of a proactive brand of network security. Without these tools, security analysts rely on locally focused specialty products, which do not encompass that critical 20 percent, leaving complex systems vulnerable to attack or serious compromise.
And, while a variety of monitoring products exist, continuous network monitoring without visibility in the state of the network as a whole leaves inherent gaps in defenses. Instead, the right form of network security can – and will – support continuous monitoring and network security management initiatives, enriching cyber situational awareness with active network discovery to produce a common operational picture of an entire network's infrastructure.
This approach also reviews non-responding networks, while including the leak detection necessary to spot potential problems. Again, resolving this 20 percent variable requires skill, insight and effective resources. Without those strengths, too many networks are open for attack, theft and other malicious acts. We must address this issue with absolute speed.