Simplifying your network architecture for security

Posted by Susan Sison on Jul 16, 2015 4:00:00 PM

Many times, when NCA is consulting with our clients, we come across the same kind of thinking, which is to segment different areas of IT into their own teams, that support different applications and areas of architecture. It's called 'siloing', and almost all IT organizations fall into that particular approach.

securityarchitecture

There's a certain degree of common sense behind it. After all, most IT groups are composed of individuals and teams with different skill sets, who support very different things. And that level of segmentation makes sense. After all, who would trust a DBA to manage the network architecture, or vice versa?
The Devil really is in the Details

While that approach works from a functional, organizational, and budgetary approach, it can be very dangerous from a security standpoint. Siloed architectures and organizations are hard to penetrate, and they don't always communicate as clearly as they should. This leads to 'seams', or areas between functional areas where a miscommunication between teams leads to security gaps, i.e. 'we didn't patch that server, it's managed by the other team', and so forth.

One area that often illustrates this point is the network architecture of many organizations. For different reasons - because the company allows different business units or locations to manage their own network architecture, or the company has grown by acquisition and the network architecture that supported a given acquired company was never integrated into the larger whole, etc. - many corporate networks are actually a collection of loosely connected subnets that act more or less autonomously.
Simplify to Secure

And this is where the network architecture of an organization can become a security liability in itself, exposing the overall organization to risk that could be avoided by a more simple network with a more unified network management.

Many companies can eliminate security gaps by simply streamlining and organizing their network, eliminating redundancies and ensuring that all of the devices that support the network are patched and configured consistently. Without this approach, devices are left more or less unmanaged or even forgotten, and new devices and endpoints are added to the network without consistent review and control.

NCA helps companies of all sizes to evaluate, simplify, and control their network architecture, to provide not only better management but better security as well. Contact us here to start discussing how NCA can help simplify and secure your corporate network architecture.

Network Computing Architects, Inc. is a premier provider of high quality sustainable and secure networking, information security solutions and unified communications. We partner with our clients to provide answers to business initiatives where leading technologies converge.

NCA achieved ISO 27001:2005 certification in December 2007 and is currently ISO 27001:2013 certified. The scope of NCA's ISMS is client confidential information within NCA Professional Services Practice.