Story image

To upgrade or not to upgrade – that is the security question

25 Oct 17

When we think of security, we probably think ‘software’ first. But software runs on hardware, and if network security and access appliances are aging, a security profile may be crumbling – without an organisation being aware of it.

Network security and access appliances sit at the edge of the network, determining who can be let into the network and how much access they should be given. Since security threats are evolving by the day, these appliances need up-to-date software to protect both company and users from harm.

But let us consider the vulnerabilities of outdated hardware appliances. If appliances are three or four generations old, the latest software versions are likely not compatible with existing hardware, so the business is left running out-of-date software.

This leaves two choices: upgrade hardware to be sure of getting the latest software to maintain robust protection, or keep current hardware and entrust network security to out-of-date software.

Frequently companies choose the latter option. After all, their hardware appears to be working, so why upgrade it? An admin might think, “As long as my end users aren’t calling me to complain, everything must be working fine.” Unfortunately, ‘working’ does not equal secure.

For example, suppose the net admin uses OpenSSL for backend services. Over the past few years, OpenSSL has identified several vulnerabilities. Hackers know this, so they look for devices running older versions of OpenSSL to exploit. Advanced security applications are able to monitor such events and quickly provide patches in software updates. But if an appliance can’t run the latest security software and the business is using an older version of OpenSSL, it is wide open to an attack.

That is just one example among the hundreds and thousands of enhancements and updates constantly being created to address new risks, threats and vulnerabilities.

Aging hardware is also a risk because it will ultimately fail at some point. That is a generally accepted principle when deploying hardware: there is a mean time between failures. It is why equipment is guaranteed only for a certain number of years. After that, the likelihood of failure becomes statistically high.

So aging hardware presents a double risk: an organisation might suffer a breach because of out-of-date security software, and might completely lose functionality because of equipment failure. Both eventualities will leave IT staff scrambling to repair the damage. The good news is they can prevent a catastrophic situation by being proactive in upgrading their network security and access appliances.

Upgrading hardware prevents security breaches, but also brings quantifiable value to daily business operations. For example, advanced security software updates include new features to make deployment easier through wizards – so what took 30 steps before may take just five now. By minimising the clicks, it streamlines administrative tasks, saving both time and money.

Plus, with every new generation of hardware comes leading-edge components: memory, processors, hard disks, network interface cards, etc. New hardware can handle more users and manage traffic faster and more reliably than ever so you can do more with less.

Take a hard line when it comes to upgrading hardware. A business will gain increased security to meet today’s sophisticated threats, reduce network complexity, improve productivity, enhance the user experience and lower bottom line costs. The only thing to lose is the experience of getting hacked … and we can all do without that.

Article by Adam Jaques, senior director of Worldwide Marketing at Pulse Secure.

Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.