Traditional security set ups may fall short of requirements for GDPR and similar regulations, leaving companies exposed to potential penalties, according to Aruba.
The company is warning that the piecemeal nature of most security infrastructure is likely to be inadequate to detect new attacks that use legitimate user credentials to access sensitive information. This means that companies risk not being able to detect and report a breach within the 72 hours stipulated by GDPR.
Aruba has highlighted the issues in a new whitepaper. The company suggests that rather than a complete security overhaul, they can leave existing solutions, which rely on pattern matching to detect threats within a network, in place and add an additional layer of monitoring. The solutions in this layer can utilise machine learning analysis of all network traffic to detect small behavioural changes that indicate a low-profile persistent attack.
"Personal information is absolute gold dust for attackers, because it can quickly be sold on the Dark Web" said Morten Illum, VP EMEA at Aruba. "It´s almost certain that your business will see its personal data targeted in future, and attackers will appear to be a trusted user while they are carrying out their work. Without using automation tools to spot the unusual activity that's going on, it could take months to detect what´s going on. And that´s bad news both for your customer relationships, and your GDPR strategy."
Aruba said that its Aruba 360 Secure Fabric solution can provide a combination of network access control capabilities to view the millions of devices accessing the network, and provide policy-based, device-specific access that can significantly limit access to user personal data. This can be coupled with Aruba IntroSpect, which uses machine learning to determine where personal data resides, and search the entire network for anomalous activity that could indicate a potential security breach. IntroSpect uses this learning to generate ‘risk scores' for each connected user, device, system and database, focusing the attention of IT and security teams and ensuring future attacks do not go unnoticed.
The company says that reporting based on the IntroSpect solution has enabled investigations to be completed in thirty hours less than with previous systems, which will help in meeting the strict requirements for reporting under GDPR.
"There is no single product or combination of security solutions that can guarantee GDPR compliance", continued Illum, "so it´s time that we bring existing solutions together. A holistic GDPR strategy can only be achieved if the security teams have the right tools to do their job. We think a single view of the network, and the ability to automatically create new policies based on incoming activity, is our best chance of staying ahead."