
by Scott Tyson, Managing Director, EMEA, Auvik Networks
Brazil, China, India, Russia, Vietnam, and the list goes on. While considered a vacation destination by many, they’re also among some of the world’s biggest cybercrime hotspots.
So why is it that, before our holidays abroad, we’re inclined to check the latest travel advisories for any safety and security concerns…but so many don’t take the same precautions to check for safety and security concerns regarding the destination of their network traffic?
Consider the facts:
- By 2021, annual cybersecurity damage is expected to reach $6 trillion.
- Nearly half of all cyber attacks are aimed at small business.
- 92% of malware is still delivered via email.
- 50% of internet users will click on a link from an unknown sender.
- On average, data breaches are identified in 191 days.
- The average time to contain a detected data breach is 66 days.
Now consider the fact that the GDPR requires EU organisations to report detected breaches within 72 hours or risk facing some hefty fines. Having robust breach detection, investigation, and internal reporting procedures in place is critical in this regard. But so is avoiding cyber attacks from happening in the first place.
So, if you could easily track where traffic is coming and going from your network, would you? Would you want to see and be alerted to instances where there’s traffic going to or coming from Russia or North Korea, but you have no business dealings there and no reason for your network to communicate with that country?
With Auvik TrafficInsights™, for example, it’s as easy as looking on a map. The Geolocation area in TrafficInsights shows the distribution of traffic by geographic location:
In this view, you can see the source and destination IP addresses of all your network traffic. This visibility allows the people responsible for managing your network to easily spot traffic bound for sanctioned countries you have no business dealings in, identify which device is sending the traffic, and isolate the device the traffic is coming from.
And if it’s determined that the traffic is illegitimate, potentially malicious, or headed to an off-limits country, they can take action and add restrictions to stop it in its tracks.
But not all network traffic monitoring systems are created equal. Many traditional NetFlow options aren’t cutting it, falling really short when it comes to encrypted traffic. And since 72% of all network traffic was encrypted by late 2018, that’s a problem.
That’s why TrafficInsights uses machine learning to complement NetFlow data with additional metadata—like source and destination geography—so network administrators can really understand the traffic. Even if it’s encrypted.
With deep visibility into who’s on the network, what they’re doing, and where their traffic is going, it becomes possible to address network security risks before they become an issue. How? In many cases, it’s a matter of adding targeted geo-restriction rules on the firewall or rolling out a mix of other firewall configuration best practices to prevent potentially malicious traffic from crossing your internal network perimeter.
When it comes to your network traffic, don’t let it travel blindly. Find a travel advisory (a.k.a. a system to monitor where your network traffic is coming from and going to), and be confident knowing you’re taking the right steps to keep it—and your business—safe and secure.
———————————————————————————————————————
About Scott Tyson
Based in the UK, Scott Tyson is the EMEA managing director for Auvik Networks. Prior to Auvik, Scott was head of global sales at Inbay, where he drove significant company growth in EMEA, North America, Australia, and New Zealand, and founded the company’s first international office. At one time a professional cricket player, Scott emigrated from his native Australia to the UK in 1998, before starting in channel management in 2002. Since then, he’s held senior roles in both the UK and Australia building out regional and global sales channels for companies such as SpectraLink, AdvaTel, and Mailprotector.