Reducing threat surface area in enterprise IT

In the past decade and a half, the operational aspects of business have undergone an unimaginably massive transformation. Enterprises have adopted new technologies every year, and have revamped age-old methods of getting things done.

Whereas these technological transformations have empowered businesses on many fronts, they have also been accompanied by corresponding IT security and privacy risks. The pace of onset and adoption of new technologies, it is safe to say, has been much greater than the pace of growth and maturation in IT security technologies and tools.

The result: enterprises and businesses of all scales and sizes, irrespective of the extent of their technology adoption, are vulnerable to cyberattacks because of the massive increase in the threat surface area.

Threat surface area

Before anything, let’s understand the idea of threat surface area, and the technologies that have, although indirectly, resulted in the current state of affairs.

Threat surface area: What is it?

Simply put, threat surface area is the sum total of all vulnerabilities in your enterprise IT systems that cyberattackers can exploit to inflict damage via DDoS attacks, ransomware (watch “The Good Wife” Season 6 with the Russian hacker) and other malware infections, and data theft, among others. The greater the number of disparate technologies, systems, and processes in place, the greater the chances of expanding your enterprise’s threat surface area. The solution, of course, is not to cut down on IT, but to make sure that every IT system and process is securely integrated into the whole mix.

Technologies indirectly resulting in threat surface area expansion

Cloud and virtualization

Cloud computing-based services and virtualization techniques have been real game changers for business. These technologies have been a godsend for businesses that would otherwise not have been able to leverage the power of advanced storage, computing, and application services. The world continues to get flatter, which is awesome for smaller businesses that can scale up quickly and become a threat to even more large-scale and established players.

Unfortunately, reliance on public cloud service providers means that cloud-heavy enterprises also have bigger threat surface areas.

Enterprise mobility

The modern workplace is nothing like what it was a decade back. Today, enterprises have adopted flexible work models, allowing employees to work from home (though some businesses are not allowing this anymore), remote locations, and even letting them bring in their own devices (BYOD) to the office. This delivers unmatched productivity and business continuity benefits, at the cost of a massive increase in the threat surface area.

Third-party tools

Invariably, enterprises have to use third-party tools, such as Slack, Trello, Google Docs, etc. These new paradigms imply that your enterprise data will need to rest with these third-party service providers. Automatically, their threat surface area becomes yours, too!

Internet of Things

With every passing day, we’re nearing the time when IoT waves will hit the shores. From climate control to attendance recording, from assembly line automation to end user product use experience, everything could be massively improved with small, connected, and smart gadgets within enterprises. The side effect, however, can’t be ignored: enterprises will have much larger threat surface areas to protect.

The big question, then – how do CIOs balance their interest, investments, and endorsements of technological waves of the present and the future, and secure the potentially expansive threat surface areas that result? Here are some methods, ideas, and strategies.

Keep business critical and financially sensitive data on the premises

Is that a regressive statement? Well, not if you capture the true essence of the intended meaning. Every enterprise has data that it just can’t afford to lose access to. For some, it’s their customer base (Verizon), for some it’s the product design (Boeing), and for others, it’s software code (Twitter, Google, and so on). The solution: keep this business critical and sensitive data on the premises. Considering it makes up perhaps only 10 percent of your total data volume, you can still leverage the benefits of the cloud for the remaining 90 percent of your workload. This helps enterprises balance security with disaster preparedness.

Invest in on-premises monitoring systems

Numerous instances have translated into business case studies verifying the effectiveness of on-premises monitoring and reporting tools, which help enterprise in-house IT proactively identify cyberattack attempts and prevent them.

Keeping these technologies on-premises helps enterprises react quickly and fine-tune security policies as soon as the situation demands. Remember, the greater the percentage of the threat surface area that you bring under active real-time monitoring and reporting, the lower the risk of this surface area actually falling prey to cyberattacks.

Educate IT decision makers on better vendor selection

It’s surprising how little thought is invested in service and vendor selection, even for enterprises that have specialist procurement officers in place. There is an ever-improving and increasingly accessible body of knowledge about vendor management best practices, cloud service buying guides, and literature on the bare minimum compliances (some of them backed with well-stratified acts, such as HIPAA).

By conducting background research before choosing new IT systems, tools, technologies, and processes, CIOs, CDOs, and CISOs can better their understanding of the best practices, compliance checks, and background checks they need to conduct to keep their control over the enterprise threat surface area.

Multilayered security system

A universal security policy is an oversimplification at best, especially considering the hybrid nature of the modern enterprise’s IT infrastructure and application ecosystem. Layering of threat detection, prevention, and response mechanisms and practices is the way forward for IT-heavy enterprises.

Multiple forms of user authentication across business practices, uniform security policies across devices (both enterprise owned and user owned), inclusion of all remote users and remote accesses in the purview of central IT threat protection – all these practices help organizations build a layered security system.

Don’t overlook the threat

The reality is upon everyone – business battles are increasingly fought on the IT front rather than on the product and service front. Technology adoption is a matter of necessity for businesses. The corresponding exposure of increased threat surface area, however, is often overlooked.

That’s where the practices we’ve discussed in this guide will help IT decision makers align their strategies toward the dual aim of leveraging better technologies and delivering them in tandem.
