Story image

To upgrade or not to upgrade – that is the security question

25 Oct 2017

When we think of security, we probably think ‘software’ first. But software runs on hardware, and if network security and access appliances are aging, a security profile may be crumbling – without an organisation being aware of it.

Network security and access appliances sit at the edge of the network, determining who can be let into the network and how much access they should be given. Since security threats are evolving by the day, these appliances need up-to-date software to protect both company and users from harm.

But let us consider the vulnerabilities of outdated hardware appliances. If appliances are three or four generations old, the latest software versions are likely not compatible with existing hardware, so the business is left running out-of-date software.

This leaves two choices: upgrade hardware to be sure of getting the latest software to maintain robust protection, or keep current hardware and entrust network security to out-of-date software.

Frequently companies choose the latter option. After all, their hardware appears to be working, so why upgrade it? An admin might think, “As long as my end users aren’t calling me to complain, everything must be working fine.” Unfortunately, ‘working’ does not equal secure.

For example, suppose the net admin uses OpenSSL for backend services. Over the past few years, OpenSSL has identified several vulnerabilities. Hackers know this, so they look for devices running older versions of OpenSSL to exploit. Advanced security applications are able to monitor such events and quickly provide patches in software updates. But if an appliance can’t run the latest security software and the business is using an older version of OpenSSL, it is wide open to an attack.

That is just one example among the hundreds and thousands of enhancements and updates constantly being created to address new risks, threats and vulnerabilities.

Aging hardware is also a risk because it will ultimately fail at some point. That is a generally accepted principle when deploying hardware: there is a mean time between failures. It is why equipment is guaranteed only for a certain number of years. After that, the likelihood of failure becomes statistically high.

So aging hardware presents a double risk: an organisation might suffer a breach because of out-of-date security software, and might completely lose functionality because of equipment failure. Both eventualities will leave IT staff scrambling to repair the damage. The good news is they can prevent a catastrophic situation by being proactive in upgrading their network security and access appliances.

Upgrading hardware prevents security breaches, but also brings quantifiable value to daily business operations. For example, advanced security software updates include new features to make deployment easier through wizards – so what took 30 steps before may take just five now. By minimising the clicks, it streamlines administrative tasks, saving both time and money.

Plus, with every new generation of hardware comes leading-edge components: memory, processors, hard disks, network interface cards, etc. New hardware can handle more users and manage traffic faster and more reliably than ever so you can do more with less.

Take a hard line when it comes to upgrading hardware. A business will gain increased security to meet today’s sophisticated threats, reduce network complexity, improve productivity, enhance the user experience and lower bottom line costs. The only thing to lose is the experience of getting hacked … and we can all do without that.

Article by Adam Jaques, senior director of Worldwide Marketing at Pulse Secure.

Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.
Red Box gains compliance boost with new partnership
By partnering with Global Relay, voice platform provider Red Box is improving the security of its offerings for high-value and risk voice data.