Network security only as strong as your weakest link
The more things change, the more they stay the same. In the same vein as centuries ago when an impregnable medieval fortress would eventually fall if its supply lines were cut or disrupted, the same sort of fortress mentality presents a high network security risk in 2020.
While firewalls and clamping down on foreign devices in the workspace can be effective, what happens when the workspace is now wherever your team want it to be?
It’s a symptom of the fact business and technological evolution doesn't happen in a vacuum because both are impacted, influenced and shaped by social change (and vice versa). The latest change obviously being the move to remote working, driven by work life balance and the need for continuity in response to events like the Covid-19 pandemic.
To adapt Alexandru Tudor, the Chorus product manager – business connectivity, says businesses need to look outside the fortress and adapt to more of an anywhere workplace way of thinking.
“The upshot is that ICT managers can’t afford to just batten down the hatches. Thinking needs to move to the wider network needs where employees are geographically spread and this also encompasses the role of third parties in ensuring reliable lines of supply and supporting infrastructure.”
The PWC report, 'Cybersecurity in a digital business world', reveals that New Zealand companies are responding appropriately to security threats within their control e.g. safety of data. The survey found that 68% of local cybersecurity leaders will invest more in security as their business model evolves – but it’s the things that the business can’t control that are the issue: third-party suppliers.
The PWC report says that "In this digital ecosystem companies have to be mindful that every supplier and service provider is a potential avenue for a cyber-attack, and that they need to take appropriate steps and hold them to account for any breaches".
Continuity in a moving world
Tudor says that some would go further and argue that hacker attacks are less of a risk than the loss of network continuity through resilience and supply, which means securing the most vulnerable endpoints of supply and consumption to ensure availability.
“In a world where social trends like remote working and the Internet of Things are changing the way we work and play, the endpoints of supply and consumption are also shifting – employees have been required to work from home recently but even before Covid-19 came along there was a push for flexibility to allow staff to work from home, cafés and hot desks at shared space facilities."
“The complication is that everything, even 5G, ultimately begins and ends with a physical cable. Like Auckland’s roading network, there is only so much room through supply lines and the sheer volume of traffic is growing in leaps and bounds,” Tudor says.
The Internet of Things – for example, driverless cars and smart rubbish bins that tell collectors when they are full – are features of the future, and, a clear warning that points of consumption are not only increasing and becoming increasingly diversified – they’re also becoming more mobile.
Securing continuity of supply
As it stands, Tudor is quick to point out that Chorus runs an uncongested, high performance and very secure fibre network.
"We design our network to the highest standards and only use quality equipment from recognized global vendors, such as Nokia. In addition, we’re constantly increasing capability as new technology becomes available." He says when it comes to mobility Chorus has also moved to address the issue of security of continuity in the supply of business grade broadband via:
- Point-to-point fibre
- Ensures customers don’t have to share the network with anybody else and also offers the option to request a second redundancy line that follows an alternative route in the event of, for example, somebody putting a spade through the cable.
- VLAN Transparency
- VLAN transparency enables a customer to set up private, logical connections across their network, which then follow specific paths. This leads to improved security, performance, and potentially fewer points of failure.
- Restore Guarantees
- Given the transmission of data is protected via encryption, the biggest vulnerability to a network, believe it or not, is physical disruption such as when somebody puts a spade through the cable. Service level agreements from Chorus offer customers (via retail service suppliers) guaranteed uptime and response levels whereby Chorus offer enhanced response times and same-day restoration guarantee.
Tudor says even with all the benefits of security offered by the Chorus network when it comes to specifically holding suppliers to account over any breaches, it’s like closing the stable door after the horse has bolted.
“The smarter action is to partner with suppliers who can consistently demonstrate that they have robust, well-maintained cybersecurity infrastructure, policies and practices in place,”