One of the key metrics of network performance is uptime—the percentage of time a company’s system is connected to a network or the Internet. Typically, when people look for the causes of the loss of connectivity, they usually think in terms of service interruptions: a physical line being cut or lightening striking a utility pole.
As a security professional, I have a slightly different take on the threats to good uptime. Interruptions to connectivity are not due just to accidents, but also to conscious attempts to crash the system by malicious hackers, jammers and denial of service attacks.
So as I begin my role as Chief Security Officer at Cradlepoint, I find myself thinking about the different things I can do to help make our customers’ uptimes as high as possible. One of the first things that comes to mind is building a bridge between the two internal groups responsible for managing the things that interrupt connectivity: network operations and security.
You could say there is almost a built-in conflict between the two departments. Every time the security folks ask for better encryption; every time they tighten requirements for passwords, the network operations team has to work a little harder. Every time the network operations team takes steps to make it easier for users to access new functionality, which can bring with them potential new breaches, the security team has to ramp up too.
But when you step back a bit, it’s clear that both departments have one thing in common: They both want to do everything in their power to maintain a very high level of uptime. It just needs to be secure uptime.
After all, security’s insistence on twelve-digit, numerical/alphabetic, uppercase/lowercase passwords that are kept safe from prying eyes and that change every thirty days… these aren’t things designed to make life difficult for network operations—to siphon off their valuable resources. They’re put in place to keep the system safe from those other, but equally real, threats to uptime—the hackers, the jammers, the distributed attacks.
As I step into this new position, one of my goals will be to continually remind network operations teams and security teams alike that we are all dedicated to one thing: Giving our customers the optimal combination of high connectivity and strong security. We need to remember that the actions each group takes are earnest efforts to reach this common goal.