Cybersecurity is a moving target, and what you think you know today may change tomorrow. Knowledge is power, though, so channel pros need to stay on top of trends and developments in one of the industry’s most important segments in order to keep their customers safe.
Security expert Mike O’Hara uses a simple analogy: “You wouldn’t cross Fifth Avenue during rush hour without looking both ways. Yet people every day do what I consider to be the digital equivalent of crossing Fifth Avenue at rush hour against the light without looking. They go online with little understanding of what threats are out there.”
To help guide your customers safely across the cybersecurity thoroughfare, here’s a primer on “everything you ever wanted to know about the newest security concepts and product categories but were afraid to ask.” Our experts add their thoughts on the good, the bad, and the ugly.
Terms and Tips
artificial intelligence/machine learning: in the context of security, a system that helps identify, analyze, and mitigate cyber risk by consuming and learning from large amounts of structured and unstructured data sources
“People are starting to understand that [the] reactive mode of cybersecurity just isn’t cutting it,” says O’Hara, adding that “predictive defense” leveraging machine learning will be a big trend over the next five years, and that MSPs should start partnering with vendors that are building AI into their platforms.
It’s a concept that MSPs who use RMM solutions that can predict things like hard drive failure should be able to relate to, O’Hara says. Similarly, AI-based security products will enable MSPs to proactively identify and mitigate attacks.
baseline: establishing a customer’s current IT infrastructure, processes, performance, management, and security solutions
Before providing security services, MSPs need to first identify what’s currently in place (a baseline), says Jay Ferron, chief technology officer at Interactive Security Training. “If they don’t know the services that are running, if they don’t know the configurations of their customer’s environment, they’re never going to know if somebody’s hacked or changed something that wasn’t authorized.”
browser isolation: sandboxing your browser so it doesn’t interact with the rest of your system
This is absolutely something people should be doing, O’Hara stresses. “What do you call an application that runs on Internet Explorer 6?” he asks. “You call it a Windows application, because it’s still tied to the operating system.” That hasn’t changed with the switch from IE to Microsoft Edge, O’Hara continues, so isolating the browser from the rest of the platform is critical.
cloud access security broker (CASB): on-premises or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers (Gartner)
“CASB was a category name made up for solutions that would sit in your gateway and monitor all your connections to Salesforce, for instance,” says Richard Stiennon, chief research analyst at IT-Harvest. A CASB “could enforce corporate policies about access to Salesforce, and it could also encrypt data that’s being put into Salesforce. Then, of course, those gateways could add all sorts of other applications as more and more software became SaaS delivered.” The downside is that a CASB can cause congestion and performance issues, he adds.
Stiennon expects emerging cloud security platforms to overcome these issues, citing Zscaler as an example. “Every user connects through Zscaler to the apps they need, from any device or location.” Stiennon says this approach helps not only with mobile device security, but eventually Internet of Things (IoT) security as well.
data loss (leak) prevention (DLP): identifying and monitoring sensitive data to prevent unauthorized access
Organizations set rules around what types of data cannot be transmitted outside the corporate network, such as credit cards and Social Security numbers, Stiennon says. DLP tools such as those from Symantec, SecureTrust, McAfee, Check Point, and Digital Guardian catch and block that exfiltration.