Top 12 Network Security Terms & Trends for 2015
As technology evolves, so does the sophistication of cyberattacks. Below is a glossary of the most relevant network security terms and trends of 2015.
#1: Hybrid Cloud
Instead of asking, “Should we move to the cloud?” try asking, “Should we move everything to the cloud?” Depending on your industry, moving all your business applications, systems and files to the cloud isn’t always the best solution. A hybrid cloud approach allows businesses to get the best of both worlds. The term “hybrid cloud” can refer to 2 approaches: 1. Running some systems from a private cloud while running others from the public cloud, or 2. Running some systems on in-house servers and running other systems from the cloud. Oftentimes, running more sensitive systems in-house or off a private cloud is a better option for handling sensitive data, especially for businesses with specific security compliance requirements (financial institutions or medical offices, for example).
Also known as a zombie army, a botnet is a network of private computers infected with malicious software and controlled as a group—without the owners’ knowledge. This slave network performs automated tasks over the internet to forward harmful programs such as spam or viruses to massive amounts of people and accounts. A botnet can also be used to attack computers and servers, or used to commit other types of crime and fraud.
#3: Web Filtering
Web filtering involves screening all webpages to determine if a particular user is allowed to access a particular webpage, based on a set of predetermined rules. Web filtering provides a cloud-delivered network security service that delivers automated protection against advanced attacks for any device, anywhere.
These two terms mirror each other. When you “blacklist” an application, user, service, program or website, yourestrict access and privileges. On the opposite end, if you “whitelist” an application, user, service, program or website, you grant full access.
#5: BitLocker Drive Encryption
A sophisticated automatic file encryption security service available on Windows. With BitLocker, you get all the benefits of better data security protection, without having to bother with manual file encryption.
A security mechanism designed to separate running programs from the rest of a network system. Sandboxing is used to execute unknown code, and to test unverified software from third party vendors, untrusted websites, suppliers, and users. Tightly controlled and heavily restricted, sandboxing is a way to test a program to determine if it has some form of malware without allowing it to spread to any other part of the network.
#7: Internet of Things (IoT)
The constant transfer of data and communication between every single piece of technology that uses the internet to some capacity. This goes far beyond stationery computers connected to a network—this is the interconnection of individual computing devices (including sensors, biochips, software, electronics, and more) able to transfer data over a network, automating data exchange and ushering in a new world of potentially exploitable systems and technology.
Bring Your Own Device is a business technology model that encourages employees to use their own personal technology for work. BYOD has many advantages, but because it’s a new model, there are a number of important problems—namely security concerns. Businesses adopting this model should establish security-centric BYOD policies to minimize these potential threats.
#9: Security Analytics
Efficiently and effectively analyzing large amounts of network security data. The challenge in security analytics is deciphering a way to automate reporting on such a huge amount of event data. These advanced security analytics will aid in identifying security threats and enable faster response.
Ransomware is installed on your computer from a remote location, then it locks down a computer or network from use, demanding the user pay a ransom fee to the creators of the malware to remove the restriction. These programs use fear tactics to coax users into paying a ransom. However, even if the ransom is paid, there’s no guarantee the user will gain access to their computer or files again.
#11: Embedded Mobile Security
Security protocol intended to protect networks by restricting access of non-compliant devices. With the increasing awareness that personal mobile devices are alarmingly vulnerable to cyberattacks, the security technology industry is focusing its efforts on building security platforms for mobile devices, via encryption, better password management, and understanding user error/vulnerability.
#12: Application Control
Sooner or later, any network’s users could unintentionally download malicious applications and software. Application control seeks to counteract these user errors by providing protection against unwanted applications. Typically any executable application must be approved to function, and automated executable applications are entirely prevented from operating on an application controlled network.