The network has never been more important for day-to-day business operations, or more vulnerable to cyberattacks and outages. We place an enormous burden on our networks, and on the IT pros who manage them. There is no room for error – one analyst estimate the cost of a typical unplanned network outage is more than $740,000.
Clearly, protecting against external attacks and poor performance issues is business critical. The question is “How?” You can find the answers, as well as guidelines for how to better protect your network, in the Infoblox 2016 Network Protection Survey report, which we are releasing today.
Infoblox recently surveyed 200 large organizations in the United States and Canada to learn how they protect and manage their networks. We then grouped the companies into two groups: those who most closely adhered to best practices (top-tier), and those who deviated the most (bottom-tier).
What struck me most about the findings was the significant difference between the top-tier companies’ overall approach and the bottom-tier. Top-tier IT professionals focus on strategic goals, with the most common being improving IT agility and making IT a strategic asset for the organization. That makes sense – security is not an IT issue, it’s an organizational one. The bottom-tier focuses more on tactical issues, such as security and lowering IT costs.
Top-tier companies provision new users, servers, devices and apps much faster and more accurately than the bottom-tier. As a result, they achieve better visibility into and control over infrastructure details such as IP addresses, malicious DNS traffic, and trusted users deviating from appropriate behavior. In fact, they are four times more likely than the bottom tier to report having complete control over their IP addressing.
Additionally, the top-tier organizations’ networks run more smoothly. They are about twice as likely to meet SLAs, 10 times as likely to quickly remediate security events, even as such events become a rare occurrence. While bottom-tier organizations reported an average of three security-incident related outages and one data breach, top-tiers reported none.
Finally, the IT departments at top-tier companies are much more likely to earn respect and praise from users across all other departments and the C-suite. They earn this recognition because they work to break down departmental silos between IT, networking, and security, and to improve collaboration with other departments such as governance, risk management and compliance (GRC) and HR.
After determining what separates the top-tier and bottom-tier, we were able to recommend a set of best practices that can help any organization to run a better network.
For starters, make a commitment to improving security intelligence by using an automated tool that alerts you when new devices appear on the network, deploying a security information and event management solution (SIEM), and investing in machine-readable threat intelligence.
Also, do not tolerate silos – either in your tools or in your teams. And place a high value on collecting and using DNS and DHCP data. Roughly half of the top-tier companies we surveyed use such data to discover new devices on their networks, versus none of the bottom-tier. And the top-tier is nearly three times as likely to use DNS logs for security purposes.
For those that like to consume their material visually check out the infographic here which contains the key findings as well as all of our recommendations.