SmartAdvice: Add Security Appliances, But Remain Vigilant And Have Backups - InformationWeek
Software // Enterprise Applications
11:53 AM

SmartAdvice: Add Security Appliances, But Remain Vigilant And Have Backups

There are too many security threats these days to have just one security point, The Advisory Council says, but add firewalls, VPNs, and other appliances to the mix. Also, measure how the help desk aids profits and rethink it as a proactive IT-services partner.

Editor's Note: Welcome to SmartAdvice, a weekly column by The Advisory Council (TAC), an advisory service firm. The feature answers two questions of core interest to you, ranging from leadership advice to enterprise strategies to how to deal with vendors. Submit questions directly to

Question A: Should we use security appliances for firewalls and VPN access, or would we be better off deploying security software on general-purpose servers?

Our advice: Network security is serious business. The flood of viruses, spam, spyware and other attacks on computer networks seems to be almost unstoppable. The recent CSI/FBI Computer Crime and Security Survey documents that security breaches were responsible for more than $140 million in business losses at the 494 companies surveyed in 2004. Clearly, having a good computer-security defense in place is of paramount importance for any business, yet achieving that goal can be challenging. In the past, unless you had a dedicated, highly trained, professional security staff and specialized systems, something would eventually slip past your defenses. Fortunately, the new breed of security appliances now available makes practicing good security hygiene a snap, but there are some worrisome vulnerabilities in taking the appliance approach to solving corporate network security problems.

Related Links

CSI/FBI Computer Crime and Security Survey

E-mail Security At The Gateway

Next Generation Host And Network Intrusion Prevention Solutions

If you've recently installed a new firewall, VPN, or wireless router, you've installed a security appliance. What makes these new products different is that they're specifically designed to be easy to install and maintain -- they're usually configured and functional in under an hour -- transparent, inexpensive, and able to be upgraded. They're often sold as hardware with an annual software update subscription. Don't even think about cutting costs by forgoing the subscription. The crackers have more expertise and spare time than you do. Take advantage of your appliance vendor's development team, and let them stay a step ahead. Of course, it goes without saying that you need to remember to maintain the system with the latest patches and updates. The products marketed to midsize businesses can generally be configured to update automatically.

Cheap and easy to use, what's not to like about these systems? There are some disadvantages to using security appliances as part of a corporate security strategy. The obvious disadvantage is that the appliance itself becomes a known target for malicious activities. No matter how good the vendor's development team, all security systems have vulnerabilities. It's a matter of time before they become known to the cracker community and exploited.

Another disadvantage is allowing your network security to rely on a single point of failure. If that system is compromised, then the entire trusted network might be open to attack. We recommend continuing to maintain desktop and server-based security software in addition to any network appliance installation.

Security appliances make sense as part of an overall IT infrastructure strategy as long as you remain vigilant. From a business perspective, security is just an expensive insurance policy, so a solution that takes care of the problem transparently and cost effectively seems like a dream come true.

--Beth Cohen

1 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of Data and Analytics
Today's companies are differentiating themselves using data analytics, but the journey requires adjustments to people, processes, technology, and culture. 
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll