Security check

Securing remote offices to prevent threats from entering the firm’s connected network has not really been top of the priority list for Middle East enterprises. However, it is about time for them to wake up and start defending their expanding borders.

Tags: BahrainBlue Coat Systems IncorporatedJuniper Networks IncorporatedMcAfee IncorporationSymantec CorporationVPNWAN
  • E-Mail
Security check Middle East enterprises should consider branch security right from the start. - Bulent Teksoz, Symantec security expert.
More pics ›
By Staff Writer Published  January 6, 2010 Network Middle East Logo

If a chain is only as strong as its weakest link, then the security of an enterprise network is only as strong as its most unprotected remote location.

“Many large organisations secure headquarters first and training, technologies and concern for smaller branch threats comes second. However, threats are the same and the interconnected organisation needs to ensure that all assets are safeguarded, as one problem in a regional office laptop can make data and systems vulnerable worldwide,” says Nigel Hawthorn, VP EMEA marketing at Blue Coat Systems.

“Branch offices often have different responsibilities and challenges to main offices or headquarters and consequently many have a history of lower levels of security spending. The main reason for this is the focus of branch offices on operations and sales,” states Hamed Diab, Middle East regional director at McAfee.

Come together

Tarek Abbas, senior systems engineering manager of enterprise at Juniper Networks adds: “Branch level security in the Middle East is often deployed as a patchwork of devices that usually don’t work together or share information at an inter- or intra-site level. As attacks targeting enterprises have become more sophisticated, cyber-criminals specifically target weak links such as branch outposts, satellite locations and mobile end users.

As a result, cyber criminals are often successful as they fall “between the cracks” of traditional point security products. Compounding the security challenge is an access issue of how to support a wider, more diverse audience (including employees, partners, subcontractors and offshore facilities) that all require access to specific critical data.”

In spite of being of obvious importance, the security of remote locations is, sadly, often overlooked by regional enterprises.

Diab points out: “One thing that our experience in the Middle East has shown is that branch offices often have lower security standards than headquarters. This could be due to the fact that branch offices are usually focused on regional operations and sales.  However, with this focus comes a need to maximise productivity and uptime, and to protect valuable data. Sales data is a fundamental asset to any organisation of this time, so this, and the systems on which is resides, are assets that must be protected.”

Bulent Teksoz, Symantec security expert agrees, stating: “Unfortunately defence measures at branches are not on the same level as headquarters security measures. The branches or remote offices generally represent the weakest link in the corporate security structure.”

Cause and effect

While most people might know that in a connected universe protecting the branch or remote location is as crucial as the headquarters, the reasons for why defence measures still get ignored are not always willingly examined.

“Branch offices usually connect directly to headquarters using either a private WAN link or a VPN over the internet, or they deploy VPN over the private WAN link. As more branch offices connect directly to the internet—rather than backhauling internet traffic to headquarters—this trend introduces a new set of security, performance, connectivity, and reliability challenges. Many enterprises have not scaled up their branch security to meet this new trend,” says Abbas.

He continues: “Traditionally, IT resources were located in the headquarters, and investment in additional resources to cover the branches was limited. There was limited investment as well in IT devices for the branch and in centralised systems that allow effective management from the headquarters and which mitigate any human error.”

Diab explains: “There are a number of reasons why branch-level security may be lower than elsewhere. First, there is often a perception that an organisation’s most important assets are located at the head office.  While this may at times be true, there is a need to take into account the increased integration across their branches.

“Second, it is not unusual for there to be less qualified security personnel in branch offices. As branch offices tend to focus on regional operations and sales, the importance of qualified security personnel is often overlooked,” he adds.

“Third, there may – often as a result of being fewer trained staff on-site - be reduced security awareness amongst employees. Although security spending has been constantly increasing in the Middle East region, it is still relatively young and therefore inexperienced compared to some other territories. Security awareness remains low among individuals in the region, and this has an impact on vulnerability to threats,” says Diab.

Starting point

There are many reasons for branch-level security flagging among regional enterprises. However, the most important among them remains an almost unshakeable concept that holds the headquarters to be the first for defence measures, while branches come a far second.

However, in today’s world, where borders are fast disappearing and remote offices are becoming road warriors, enterprises are required to up their protective measures for a distributed reality.

“Middle East enterprises should consider branch security right from the start. It should be designed in when the idea of opening a branch is introduced,” states Teksoz.

Abbas says: “Success in securing all locations is not impossible, and it doesn’t have to be expensive. Distributed enterprise solutions deliver a consistent, secure, high-performance foundation that meets the unique infrastructure challenges of the high-value distributed enterprise. By adopting a solution-based distributed enterprise approach, the limitations of the business no longer need to be dictated by the network.”

He continues: “A co-operative adaptive threat management solution, where each security element can operate on a single operating system and co-operates with others at various locations is the only approach that can enable a trusted and available network. Through this coordinated approach, businesses can deliver high-quality access to essential data and applications, and provide secure productivity and communications services.”

Any enterprise that attempts to provide security to its remote location also needs to consider elements of a central management system.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code