We reached out to several cybersecurity experts and business owners who shared a few things to consider when shopping around for a network security service. It first depends on your own security needs. Do you need secure a handful of computers or an entire server farm? Do outside parties frequently access your servers? How many endpoints are connected to your network? Is your data mostly located on cloud platforms or on-premise?
There are several different types of security methods offered by services. Different services will emphasize different approaches to security based on their specialty and your specific needs. Below are a few common features to look for when deciding on a network security service. We decided to highlight services that offered a form of all three features or offered an exemplary version of one or more of them.
Different security risks call for different solutions, so you should find a company that conducts thorough risk assessments on your network. This can be done through several methods, one including having a security expert visit your business to get an up-close look at your system. This process can also be done remotely.
Risk assessment isn't just a one-time service, as services can continue to analyze and test your network security on a routine basis to ensure that your system remains secured. Fortunately, most services you work with will help you determine what your network really needs.
Firewall/Secure Web Gateway
One of network security's most important components is a device to filter our traffic that goes in and out of a network. Web-based attacks can come in the form of malicious applications that get downloaded accidently or automatically if a user stumbles onto an unsecure website. Malware can download in the background without the user knowing as well. That's why it's important for networks to have a gatekeeping device to detect and stop malicious data from entering a network.
Firewalls are the most common way to do this, as they are loaded with a set of rules and filters to sort out traffic that's suspect or malicious. Like antimalware, they are usually backed by a database of known threats. The most advanced firewalls come in the form of devices that you install between your endpoints and your physical connection to the internet. There are also virtual and managed firewalls that are kept off site, but still filter through your traffic before it can go to any other IP address.
Another common technology used by network security services are secure web gateways. Like firewalls, they analyze traffic that's going in and out of your network. These types of devices are good for filtering specific content, as well as reporting suspicious traffic patterns. The function that sorts out certain traffic is called data loss prevention (DLP), which tries to prevent sensitive data belonging to the client from leaving the network or being sent to an unauthorized source. Things like credentials can be prevented from being sent to an untrusted party if the system detects it within the content.
A subcategory of this technology specifically monitors a business's email traffic. Email is the most common attack vector for hackers, so many services offer coverage specifically for filtering business email to prevent malware-laced spam and phishing.
Detection and Response
There are many types of applications that can fall under this category, including Intrusion Detection Systems (IDS) or Intrusion Response System (IRS). Many services have applications that cover endpoints, cloud platforms or a combination of both. These types of programs do the bulk of the work identifying suspicious traffic or activity within the network and pinning it as a threat.
The best of these systems are normally backed up by a threat intelligence system that's powered by big data and machine learning, which can distinguish intruding, malicious traffic from the rest. They can take down known malware threats, but more importantly they are the key to finding unknown, zero-day attacks and advanced persistent threats. For even more advanced threats, services can deploy the expertise of their human security analysts to examine especially pervasive threats in the case of an emergency such as an imminent data breach.
Few services are a one size-fits all solution, and not all of them feature everything you may need for a comprehensive security stack. However, the services reviewed here are all quality platforms that offer state of the art cybersecurity technology and quality customer service.