{"id":7259,"date":"2017-11-15T00:00:00","date_gmt":"2017-11-15T00:00:00","guid":{"rendered":"https:\/\/www.esecurityplanet.com\/2017\/11\/15\/how-to-achieve-an-optimal-security-posture\/"},"modified":"2022-08-16T16:15:28","modified_gmt":"2022-08-16T16:15:28","slug":"how-to-achieve-an-optimal-security-posture","status":"publish","type":"post","link":"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/","title":{"rendered":"How to Achieve an Optimal Security Posture"},"content":{"rendered":"<div id=\"article-content\">\n<div id=\"article-ads\">\n<div class=\"hidden-xs\">\n<div id=\"daily-newsletter\" class=\"row\">\n<div class=\"text-center\">\n<div class=\"col-md-6 col-md-offset-3\">\n<div id=\"namecard-input-groupwz\" class=\"input-group\">\n<p>&nbsp;<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p>The perfect IT security solution is one that makes an enterprise completely secure and &#8220;unhackable,&#8221; where no unauthorized parties can get onto the network, access confidential data, deny service to legitimate users, or otherwise carry out any malicious or unwanted activities.<\/p>\n<p>Anyone who reads the security news these days knows that perfect security is impossible. The challenge, then, for corporate IT security teams is to develop an <em>optimal security posture<\/em>, one that uses the current state of security technology to minimize the chances that a damaging security breach can occur \u2013 and to minimize the damage if a breach does occur. The precise makeup of an optimal IT security posture will vary from company to company, but here are some general guidelines.<\/p>\n<p><strong>Jump to:<\/strong><\/p>\n<ul>\n<li><a href=\"#patch\"><strong>Patch Management<\/strong><\/a><\/li>\n<li><a href=\"#IAM\"><strong>Identity and Access Management<\/strong><\/a><\/li>\n<li><strong><a href=\"#MFA\">Multi-Factor Authentication<\/a><\/strong><\/li>\n<li><a href=\"#NAC\"><strong>Network Access Control<\/strong><\/a><\/li>\n<li><a href=\"#compliance\"><strong>Compliance<\/strong><\/a><\/li>\n<li><a href=\"#phishing\"><strong>Social Engineering<\/strong><\/a><\/li>\n<li><a href=\"#endpoint\"><strong>Endpoint and Anti-Malware<\/strong><\/a><\/li>\n<li><a href=\"#mobile\"><strong>Mobile<\/strong><\/a><\/li>\n<li><a href=\"#endpoint\"><strong>IoT<\/strong><\/a><\/li>\n<li><a href=\"#cloud\"><strong>Cloud<\/strong><\/a><\/li>\n<li><a href=\"#DDoS\"><strong>DDoS<\/strong><\/a><\/li>\n<li><a href=\"#firewalls\"><strong>Firewalls<\/strong><\/a><\/li>\n<li><a href=\"#SIEM\"><strong>SIEM<\/strong><\/a><\/li>\n<li><a href=\"#pentest\"><strong>Testing<\/strong><\/a><\/li>\n<li><strong><a href=\"#response\">Incident Response<\/a><br \/>\n<\/strong><\/li>\n<li><a href=\"#cyberinsurance\"><strong>Cyber Insurance<\/strong><\/a><\/li>\n<\/ul>\n<p>The first step in building the best possible security solution is to understand exactly what IT infrastructure you have to defend, a process that begins with a <a href=\"https:\/\/www.esecurityplanet.com\/networks\/cybersecurity-risk-management\/\">security risk assessment<\/a>. &#8220;The smartest thing is to do a comprehensive asset inventory and network definition exercise so you know every device and technology you have and where your network extends to,&#8221; said Chase Cunningham, a security and risk expert at Forrester Research.<\/p>\n<h2><a name=\"patch\"><\/a>Patch Management<\/h2>\n<p>Cunningham said that the best starting point is a vulnerability and <a href=\"https:\/\/www.esecurityplanet.com\/products\/patch-management-software\/\">patch management<\/a> system. &#8220;If you can&#8217;t patch, then you can&#8217;t defend and you can forget anything else,&#8221; he said. &#8220;If you suck at patch management, you suck at security.&#8221;<\/p>\n<p>Of course, it takes much more than a vulnerability and patch management system to secure networks, devices and applications \u2013 it requires more advanced technology to secure against threats like zero-day attacks using previously unknown vulnerabilities.<\/p>\n<h2><a name=\"IAM\"><\/a>Identify and Access Management<\/h2>\n<p>The next step then is to defend the network perimeter, beginning with <a href=\"https:\/\/www.esecurityplanet.com\/products\/best-iam-software\/\">identity and access management systems (IAMs)<\/a>, which are intended to restrict network access to authorized users and to restrict those users to the resources that they are authorized to use. And for critical admin accounts, there&#8217;s <a href=\"https:\/\/www.esecurityplanet.com\/applications\/privileged-access-management-pam\/\">privileged access management<\/a>.<\/p>\n<h2><a name=\"MFA\"><\/a>Multi-Factor Authentication<\/h2>\n<p>IAMs are best used in conjunction with <a href=\"https:\/\/www.esecurityplanet.com\/mobile\/multi-factor-authentication\/\">multi-factor authentication<\/a> systems, which use a one-time password (generated by a portable hardware device or smartphone software, or sent to a cell phone by SMS), a biometric measurement such as a fingerprint or voice print, or some other second factor in addition to a standard password.<\/p>\n<h2><a name=\"NAC\"><\/a>Network Access Control<\/h2>\n<p>These can be reinforced using a <a href=\"https:\/\/www.esecurityplanet.com\/products\/network-access-control-solutions\/\">network access control<\/a> system, which restricts network access to authorized endpoints with prescribed security configurations (such as running an up-to-date antivirus product).<\/p>\n<h2><a name=\"compliance\"><\/a>Compliance<\/h2>\n<p>The next step, according to Cunningham, is to identify your organization&#8217;s valuable or confidential data, or data that needs to be secured for <a href=\"https:\/\/www.esecurityplanet.com\/networks\/security-compliance\/\">regulatory compliance<\/a> reasons, and take steps to defend it. &#8220;It is very simple: find your data, value it, and keep it safe,&#8221; he said. <a href=\"https:\/\/www.esecurityplanet.com\/products\/grc-tools\/\">Governance, risk and compliance (GRC) solutions<\/a> have long been an enterprise IT staple for navigating the maze of compliance regulations.<\/p>\n<h2><a name=\"phishing\"><\/a>Social Engineering<\/h2>\n<p>Although it is tempting to start with technical solutions, it is important to remember that a high proportion of data breaches are the result of social engineering or <a href=\"https:\/\/www.esecurityplanet.com\/threats\/malware-types\/#phishing\">phishing<\/a> attacks. Verizon&#8217;s data breach investigation team reported recently that <strong>90% of data breaches have a social engineering or phishing component<\/strong> to them. These allow hackers to bypass security systems by tricking employees into giving them passwords or other information that they need to breach the IT infrastructure.<\/p>\n<p>That means that staff training to raise awareness in phishing and social engineering dangers and to reduce the risk of falling victim to such attacks is vital. These can be complemented by anti-phishing training tools, which are designed to keep employees&#8217; awareness of the risks of phishing emails high. They work by sending out fake phishing emails to employees from time to time to see whether they can be enticed into clicking on malicious links. Employees that do so can then be given more training to help them avoid real phishing emails in the future.<\/p>\n<h2><a name=\"endpoint\"><\/a>Endpoint and Anti-Malware<\/h2>\n<p>But the basic technical solutions include a comprehensive, centrally managed <a href=\"https:\/\/www.esecurityplanet.com\/endpoint\/endpoint-security-its-way-more-complicated-than-you-think\/\">endpoint security<\/a> system that includes anti-<a href=\"https:\/\/www.esecurityplanet.com\/threats\/malware-types\/\">malware<\/a> software (and ideally specific measures to <a href=\"https:\/\/www.esecurityplanet.com\/threats\/ransomware-protection\/\">stop ransomware<\/a>). These often also bundle other specific data protection solutions such as <a href=\"https:\/\/www.esecurityplanet.com\/networks\/encryption\/\">encryption<\/a> and <a href=\"https:\/\/www.esecurityplanet.com\/products\/data-loss-prevention-dlp-solutions\/\">data loss prevention<\/a>.<\/p>\n<p>Data loss protection is often underestimated, but it can be very effective at countering insider threats. For example, a good data loss prevention system should be able to prevent an employee who is leaving the company from downloading confidential data, customer lists and other valuable data onto a USB stick and taking it with them to their next employer.<\/p>\n<h2><a name=\"mobile\"><\/a>Mobile security<\/h2>\n<p>A relatively new area of concern for IT security professionals (thanks to the rise of Bring Your Own Device, or BYOD) is the use of employee-owned devices on the network, and some form of <a href=\"https:\/\/www.esecurityplanet.com\/mobile\/\">BYOD security<\/a> system is vital.<\/p>\n<p>Ideally, this would take the form of a comprehensive <a href=\"https:\/\/www.esecurityplanet.com\/mobile\/\/enterprise-mobility-management-emm.html\">enterprise mobility management (EMM)<\/a> system that can manage both corporate and employee-owned mobile devices (including laptops, tablets and smartphones). EMMs go beyond <a href=\"https:\/\/www.esecurityplanet.com\/mobile\/mobile-device-management\/\">mobile device management (MDM)<\/a> solutions by controlling access to corporate networks and applications, ensuring that devices are locked with strong passwords when not in use, encrypting any corporate data stored on them, and carrying out remote data wipes in case the devices are lost or stolen, among other control and visibility features.<\/p>\n<h2><a name=\"IoT\"><\/a>Internet of Things (IoT) security<\/h2>\n<p>One more area that is worth mentioning because it is becoming increasingly important is <a href=\"https:\/\/www.esecurityplanet.com\/cloud\/iot-device-risk-to-enterprises\/\">IoT security<\/a>. IoT endpoints (or &#8220;things&#8221;) are generally used as data collection points. This data is then sent over a network to an IoT platform ingestion point where the data is collected, processed and used in real time or stored.<\/p>\n<p>IoT security systems carry out a range of functions, such as detecting when IoT devices are tampered with and encrypting collected data both in motion and at rest on a dedicated IoT platform.<\/p>\n<h2><a name=\"cloud\"><\/a>Cloud security<\/h2>\n<p>Enterprises are increasingly making use of cloud services outside the corporate network, which need some way of ensuring that they can be used securely and that data stored in the cloud is safe. One way to reduce the risk introduced by cloud services is to use a <a href=\"https:\/\/www.esecurityplanet.com\/mobile\/casb\/\">cloud access security broker (CASB)<\/a>, which can set policy, monitor behavior, and manage risk across the entire set of enterprise cloud services being consumed.<\/p>\n<p>Examples of <a href=\"https:\/\/www.esecurityplanet.com\/cloud\/cloud-security-best-practices\/\">cloud security<\/a> policies enforced by a CASB include <a href=\"https:\/\/www.esecurityplanet.com\/mobile\/multi-factor-authentication\/\">authentication<\/a>, <a href=\"https:\/\/www.esecurityplanet.com\/applications\/single-sign-on\/\">single sign on<\/a>, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, and <a href=\"https:\/\/www.esecurityplanet.com\/threats\/malware-types\/\">malware detection and prevention<\/a>.<\/p>\n<p>A CASB vendor also gives enterprises visibility into authorized and non-authorized cloud usage. It can intercept and monitor data traffic between the corporate network and cloud platform, assist with compliance issues, offer data security policy enforcement, and prevent unauthorized devices, users, and apps from accessing cloud services.<\/p>\n<h2><a name=\"DDoS\"><\/a>Distributed Denial of Service (DDoS) attacks<\/h2>\n<p>About 80% of organizations faced <a href=\"https:\/\/www.esecurityplanet.com\/networks\/types-of-ddos-attacks\/\">DDoS attacks<\/a> in 2016, according to Neustar, and successful attacks cost the victim an average of $2 million. 45% of attacks are now more than 10 Gbps and 15% are now more than 50Gbps, so it is now impossible for most organizations to cope with these attacks using their own network resources.<\/p>\n<p>For that reason, it is important to have a <a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-stop-ddos-attacks-tips-for-fighting-ddos-attacks\/\">DDoS mitigation plan<\/a> and service in place with a clear process for contacting the service to start mitigation in case of an attack.<\/p>\n<p>DDoS mitigation services are usually run from the cloud, and mitigation generally involves diverting all traffic (including malicious traffic) to the service, where it is scrubbed. Legitimate traffic can then be forwarded to the intended destination servers.<\/p>\n<h2><a name=\"firewalls\"><\/a>Firewalls<\/h2>\n<p><a href=\"https:\/\/www.esecurityplanet.com\/networks\/network-firewalls\/\">Network firewalls<\/a> are a critical security technology and the biggest IT security market, and <a href=\"https:\/\/www.esecurityplanet.com\/products\/top-ngfw\/\">next-generation firewalls (NGFWs)<\/a> go beyond blocking ports or protocols to perform stateful packet inspection right down to the application layer, allowing the device to block packets that are not matched to known active connections, to block unwanted application traffic (rather than traffic on specific ports) and to close network ports all the time unless they are actually in use, which provides some protection against port scanning.<\/p>\n<p>Increasingly NGFWs include <a href=\"https:\/\/www.esecurityplanet.com\/products\/intrusion-detection-and-prevention-systems\/\">intrusion prevention and detection<\/a> functionality, although these may also be purchased as standalone products.<\/p>\n<p>In many cases, intrusion prevention and endpoint protection systems rely on the availability of <a href=\"https:\/\/www.esecurityplanet.com\/networks\/threat-intelligence-and-analytics-staying-ahead-of-cyber-criminals\/\">threat intelligence<\/a> feeds that provide information about emerging threats, such as signature activity that can indicate a particular threat is present.<\/p>\n<p><a href=\"https:\/\/www.esecurityplanet.com\/networks\/-security\/unified-threat-management.html\">Unified threat management (UTM) appliances<\/a> can be an easier way for small and mid-sized companies to get firewall protections.<\/p>\n<p><a href=\"https:\/\/www.esecurityplanet.com\/networks\/waf\/\">Application firewalls<\/a> are also often necessary if your company operates internet-facing applications. An application firewall monitors incoming traffic to block certain types of content, including attempts to carry out <a href=\"https:\/\/www.esecurityplanet.com\/threats\/what-is-sql-injection-and-how-can-it-hurt-you\/\">SQL injection<\/a> attacks using deliberately malformed queries.<\/p>\n<h2><a name=\"SIEM\"><\/a>SIEM<\/h2>\n<p>One final big ticket item that is becoming increasingly important is a <a href=\"https:\/\/www.esecurityplanet.com\/products\/siem-tools\/\">security information and event management (SIEM)<\/a> system, which can monitor logs from network hardware and software to spot security threats, detect and prevent breaches, and provide forensic analysis after a breach. A SIEM can also generate reports for compliance purposes. A SIEM is the technology that can tie all your security efforts together.<\/p>\n<p>SIEM systems are also increasingly offering <a href=\"https:\/\/www.esecurityplanet.com\/networks\/soar\/\">SOAR<\/a> and\u00a0<a href=\"https:\/\/www.esecurityplanet.com\/products\/best-user-and-entity-behavior-analytics-ueba-tools\/\">UEBA<\/a> technologies.<\/p>\n<h2><a name=\"pentest\"><\/a>Testing<\/h2>\n<p>You should think like a hacker, and test your security posture. Once an overall security solution is in place, the best way to find out how effective it is at preventing a breach is to subject it to <a href=\"https:\/\/www.esecurityplanet.com\/networks\/penetration-testing\/\">penetration testing<\/a>. Also called vulnerability assessment and testing or &#8220;pen testing&#8221; for short, this involves a simulated attack on your organization&#8217;s network to assess security and determine its vulnerabilities.<\/p>\n<p>These &#8220;white hat&#8221; attacks carried out by security professionals are designed to identify network security issues and other vulnerabilities, identify policy compliance failures, and improve employee awareness of proper security practices.<\/p>\n<p>A newer approach is <a href=\"https:\/\/www.esecurityplanet.com\/threats\/breach-and-attack-simulation-find-vulnerabilities-before-the-bad-guys-do\/\">breach and attack simulation<\/a> technologies, which can provide the equivalent of continuous penetration testing.<\/p>\n<h2><a name=\"response\"><\/a>Preparing for a Breach<\/h2>\n<p>There is always a risk of a security breach, and organizations should prepare for one to ensure that damage can be limited by planning an <a href=\"https:\/\/www.esecurityplanet.com\/networks\/best-incident-response-tools-services\/\">incident response<\/a> process.<\/p>\n<p>This should include preparation, identification, containment, eradication, recovery and learning from the incident, according to SANS Institute recommendations.<\/p>\n<h2><a name=\"cyberinsurance\"><\/a>Cyber Insurance<\/h2>\n<p>One final measure that can be taken as part of a risk management process is the purchase of <a href=\"https:\/\/www.esecurityplanet.com\/threats\/\/cyber-insurance.html\">cyber insurance<\/a> to mitigate the financial costs of a breach. These costs should not be underestimated: the average cost of a data breach in the U.S. is $221 per record, or $7 million per breach, according to the Ponemon Institute&#8217;s Cost of Data Breach Study.<\/p>\n<p>Organizations have many IT security solutions to choose from. An assessment of your most critical vulnerabilities is a very good place to start to determine which of your assets are the most valuable, and then begin to protect them. We offer comprehensive security product overviews in our security products section.<\/p>\n<h3>A Final Word<\/h3>\n<p>Unfortunately, there&#8217;s no such thing as total or complete security. &#8220;It is simply not possible to beat these hackers,&#8221; said James Lewis, a cybersecurity expert at the Washington, D.C.-based Center for Strategic and International Studies (CSIS).<\/p>\n<p>There will always be a malicious actor such as a nation state with more resources to devote to hacking than an enterprise can devote to defending itself. &#8220;Government-backed hackers simply won&#8217;t give up. They will keep trying until they succeed,\u201d Lewis said.<\/p>\n<p>And that means that IT security ultimately boils down to security risk management: using the available IT security budget to build not a total or complete security system, but an optimal one that defends your most critical assets. Some security technologies even count on bad guys getting in, like <a href=\"https:\/\/www.esecurityplanet.com\/networks\/deception-technology\/\">deception technology<\/a>, which tries to distract hackers by leading them to worthless assets. And some companies turn some of their security defenses over to <a href=\"https:\/\/www.esecurityplanet.com\/products\/mssp\/\">managed security service providers<\/a> to help minimize cost. The average security budget is 5.6% of the total IT budget in most organizations, according to Gartner. Your responsibility as a security professional is to use the budget to minimize risk in the best way possible.<\/p>\n<p>Organizations have many IT security solutions to choose from. An assessment of your most critical vulnerabilities is a very good place to start to determine which of your assets are the most valuable, and then begin to protect them. We offer comprehensive security product overviews in our <a href=\"https:\/\/www.esecurityplanet.com\/products\/top-cybersecurity-companies\/\">security products<\/a> section.<\/p>\n<p><em>See anything we missed or wish to share your own views and experience? Let us know in the comment form below.<\/em><\/p>\n<\/div>\n\n\n<div id=\"ta-campaign-widget-66d6f68a050ae-popup-wrapper\" class=\"ta-campaign-widget__popup-wrapper\">\n    \n<div\n    style=\"\n        --ta-campaign-plugin-primary: #3545ed;\n        --ta-campaign-plugin-button-text: #fff;\n        --ta-campaign-plugin-button-hover-background: #3231b4;\n        --ta-campaign-plugin-button-hover-text: #fff;\n        --ta-campaign-plugin-button-toggle-background: #3231b4;\n        --ta-campaign-plugin-button-toggle-text: #3231B4;\n    \"\n    data-ajax-url=\"https:\/\/www.esecurityplanet.com\/wp\/wp-admin\/admin-ajax.php\">\n    <div\n        id=\"ta-campaign-widget-66d6f68a050ae\"\n        class=\"ta-campaign-widget ta-campaign-widget--popup\"\n        data-campaign-fields='{\"properties\":{\"campaign_type\":\"popup\",\"campaign_category\":false,\"sailthru_list\":[\"cybersecurity-insider\"],\"popup_type\":\"exit_intent\",\"appearance\":{\"colors\":{\"primary_color\":\"#3545ed\",\"button\":{\"button_text_color\":\"#fff\",\"hover\":{\"button_hover_background_color\":\"#3231b4\",\"button_hover_text_color\":\"#fff\"},\"toggle\":{\"button_toggle_background_color\":\"#3231b4\",\"button_toggle_text_color\":\"#3231B4\"}}},\"custom_scss\":\"\"},\"behavior\":{\"opt_in_enabled\":true},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}},\"identifier\":\"66d6f68a050ae\",\"campaign_id\":26045,\"campaign_type\":\"popup\",\"popup_type\":\"exit_intent\",\"newsletters\":[\"cybersecurity-insider\"],\"behavior\":{\"opt_in_enabled\":true},\"appearance\":{\"colors\":{\"primary\":\"#3545ed\",\"button\":{\"text\":\"#fff\",\"hover\":{\"background\":\"#3231b4\",\"text\":\"#fff\"},\"toggle\":{\"background\":\"#3231b4\",\"text\":\"#3231B4\"}}},\"custom_css\":\"\"},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}}'>\n\n                <div class=\"ta-campaign-widget__exit\">\n            <svg class=\"w-8\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"1.5\" viewBox=\"0 0 24 24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\">\n                <path stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M6 18L18 6M6 6l12 12\"><\/path>\n            <\/svg>\n        <\/div>\n        \n        <div class=\"ta-campaign-widget__wrapper\">\n            <div class=\"ta-campaign-widget__header mb-6\">\n                                <h3 class=\"ta-campaign-widget__tagline\">\n                    Get the Free Cybersecurity Newsletter                <\/h3>\n                \n                \n                                <p class=\"ta-campaign-widget__content mt-6\">\n                    Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday                <\/p>\n                            <\/div>\n\n            <form class=\"ta-campaign-widget__form\">\n                <div class=\"ta-campaign-widget__input mb-4\"  data-field=\"email\">\n                    <label\n                        class=\"sr-only\"\n                        for=\"email-66d6f68a050ae\">\n                        Email Address\n                    <\/label>\n                    <input\n                        class=\"ta-campaign-widget__input__text\"\n                        placeholder=\"Work Email Address\"\n                        id=\"email-66d6f68a050ae\"\n                        name=\"email\"\n                        type=\"email\">\n                <\/div>\n\n                                <div class=\"ta-campaign-widget__checkbox mb-4\" data-field=\"opt_in\">\n                    <div class=\"flex items-start\">\n                        <input\n                            id=\"opt-in-66d6f68a050ae\"\n                            class=\"ta-campaign-widget__checkbox__input mr-2\"\n                            name=\"opt-in\"\n                            type=\"checkbox\"\/>\n                        <label\n                            class=\"ta-campaign-widget__checkbox__label\"\n                            for=\"opt-in-66d6f68a050ae\">\n                            By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.                        <\/label>\n                    <\/div>\n                <\/div>\n                \n                <button class=\"ta-campaign-widget__button\" type=\"submit\" >\n                    Subscribe                <\/button>\n            <\/form>\n        <\/div>\n    <\/div>\n<\/div>\n\n<style>\n<\/style><\/div>\n","protected":false},"excerpt":{"rendered":"<p>&nbsp; The perfect IT security solution is one that makes an enterprise completely secure and &#8220;unhackable,&#8221; where no unauthorized parties can get onto the network, access confidential data, deny service to legitimate users, or otherwise carry out any malicious or unwanted activities. Anyone who reads the security news these days knows that perfect security is [&hellip;]<\/p>\n","protected":false},"author":226,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gazelle_contributing_experts":"","footnotes":""},"categories":[14],"tags":[10689,2027],"b2b_audience":[34],"b2b_industry":[],"b2b_product":[377,143,375,376],"class_list":["post-7259","post","type-post","status-publish","format-standard","hentry","category-networks","tag-enterprise-security","tag-it-security","b2b_audience-evaluation-and-selection","b2b_product-gateway-and-network-security","b2b_product-security","b2b_product-security-management","b2b_product-security-services"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Security Technologies for an Optimal Security Posture<\/title>\n<meta name=\"description\" content=\"Complete and total security is impossible, so which IT security technologies will get you to your ideal security posture? We outline your options.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security Technologies for an Optimal Security Posture\" \/>\n<meta property=\"og:description\" content=\"Complete and total security is impossible, so which IT security technologies will get you to your ideal security posture? We outline your options.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/\" \/>\n<meta property=\"og:site_name\" content=\"eSecurity Planet\" \/>\n<meta property=\"article:published_time\" content=\"2017-11-15T00:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-08-16T16:15:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/eSecurity_redesign_badgecolor.png\" \/>\n\t<meta property=\"og:image:width\" content=\"600\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Paul Rubens\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:site\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Paul Rubens\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/\"},\"author\":{\"name\":\"Paul Rubens\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/98ff3e45922f3d3cc322e48f2036768c\"},\"headline\":\"How to Achieve an Optimal Security Posture\",\"datePublished\":\"2017-11-15T00:00:00+00:00\",\"dateModified\":\"2022-08-16T16:15:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/\"},\"wordCount\":2103,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"keywords\":[\"enterprise security\",\"IT security\"],\"articleSection\":[\"Networks\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/\",\"url\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/\",\"name\":\"Security Technologies for an Optimal Security Posture\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\"},\"datePublished\":\"2017-11-15T00:00:00+00:00\",\"dateModified\":\"2022-08-16T16:15:28+00:00\",\"description\":\"Complete and total security is impossible, so which IT security technologies will get you to your ideal security posture? We outline your options.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esecurityplanet.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Achieve an Optimal Security Posture\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"name\":\"eSecurity Planet\",\"description\":\"Industry-leading guidance and analysis for how to keep your business secure.\",\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esecurityplanet.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\",\"name\":\"eSecurityPlanet\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"width\":1134,\"height\":375,\"caption\":\"eSecurityPlanet\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/eSecurityPlanet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/98ff3e45922f3d3cc322e48f2036768c\",\"name\":\"Paul Rubens\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/Paul_head_An_400x400-150x150.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/Paul_head_An_400x400-150x150.jpg\",\"caption\":\"Paul Rubens\"},\"description\":\"Paul Rubens is a technology journalist based in England, and is an eSecurity Planet contributor.\",\"url\":\"https:\/\/www.esecurityplanet.com\/author\/paul-rubens-esp\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Security Technologies for an Optimal Security Posture","description":"Complete and total security is impossible, so which IT security technologies will get you to your ideal security posture? We outline your options.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/","og_locale":"en_US","og_type":"article","og_title":"Security Technologies for an Optimal Security Posture","og_description":"Complete and total security is impossible, so which IT security technologies will get you to your ideal security posture? We outline your options.","og_url":"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/","og_site_name":"eSecurity Planet","article_published_time":"2017-11-15T00:00:00+00:00","article_modified_time":"2022-08-16T16:15:28+00:00","og_image":[{"width":600,"height":600,"url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/eSecurity_redesign_badgecolor.png","type":"image\/png"}],"author":"Paul Rubens","twitter_card":"summary_large_image","twitter_creator":"@eSecurityPlanet","twitter_site":"@eSecurityPlanet","twitter_misc":{"Written by":"Paul Rubens","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/#article","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/"},"author":{"name":"Paul Rubens","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/98ff3e45922f3d3cc322e48f2036768c"},"headline":"How to Achieve an Optimal Security Posture","datePublished":"2017-11-15T00:00:00+00:00","dateModified":"2022-08-16T16:15:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/"},"wordCount":2103,"commentCount":0,"publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"keywords":["enterprise security","IT security"],"articleSection":["Networks"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/","url":"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/","name":"Security Technologies for an Optimal Security Posture","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/#website"},"datePublished":"2017-11-15T00:00:00+00:00","dateModified":"2022-08-16T16:15:28+00:00","description":"Complete and total security is impossible, so which IT security technologies will get you to your ideal security posture? We outline your options.","breadcrumb":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-achieve-an-optimal-security-posture\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esecurityplanet.com\/"},{"@type":"ListItem","position":2,"name":"How to Achieve an Optimal Security Posture"}]},{"@type":"WebSite","@id":"https:\/\/www.esecurityplanet.com\/#website","url":"https:\/\/www.esecurityplanet.com\/","name":"eSecurity Planet","description":"Industry-leading guidance and analysis for how to keep your business secure.","publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esecurityplanet.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esecurityplanet.com\/#organization","name":"eSecurityPlanet","url":"https:\/\/www.esecurityplanet.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","width":1134,"height":375,"caption":"eSecurityPlanet"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/eSecurityPlanet"]},{"@type":"Person","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/98ff3e45922f3d3cc322e48f2036768c","name":"Paul Rubens","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/Paul_head_An_400x400-150x150.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/Paul_head_An_400x400-150x150.jpg","caption":"Paul Rubens"},"description":"Paul Rubens is a technology journalist based in England, and is an eSecurity Planet contributor.","url":"https:\/\/www.esecurityplanet.com\/author\/paul-rubens-esp\/"}]}},"_links":{"self":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/7259"}],"collection":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/users\/226"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/comments?post=7259"}],"version-history":[{"count":0,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/7259\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media?parent=7259"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/categories?post=7259"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/tags?post=7259"},{"taxonomy":"b2b_audience","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_audience?post=7259"},{"taxonomy":"b2b_industry","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_industry?post=7259"},{"taxonomy":"b2b_product","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_product?post=7259"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}