Erik Giesa

Thursday, March 8, 2018


Mistake #5: Human Error


Human error has been responsible for some of the biggest disasters in the history of the world. After all, we can’t blame Mother Nature for Chernobyl, global warming, the AMC Gremlin, and New Coke. Those are all tragic events that could have easily been avoided with a little more care and effort from the humans responsible for their severely flawed development. Therefore, it only makes sense that human error has tremendous potential to be the source of a big mistake in a micro-segmentation solution.

Complexity is really the root cause when human error surfaces in a flawed segmentation project. If too many dependencies exist, that translates to more work for IT and OT teams that are already overloaded and understaffed.

So, just hire more people, you say? Unfortunately, that’s not a reasonable solution either, because a scarcity of qualified IT security talent remains a big problem industry-wide.

How to avoid this mistake

Rigorous testing is the only way to determine if your project will be manageable with realistic expectations for complexity and its associated staff requirements. Enact the following steps as a measure to see if your proposed solution can work:

  • First of all, get an estimate for the initial deployment time required per network segment. Previous tests have indicated that as many as five days per segment might be required. This may indicate a workable solution for some smaller projects. However, consider an organization that has 500 segments to address. That equates to a net cost of 2,500 personnel days to implement the solution, which is obviously not acceptable for most businesses.
  • Determine how many new staff members will be required to effectively manage things, post-deployment. Some projects have stated as many as one new staff member for every thirty sites, which has also proven to result in project failure for many organizations.
  • During a pilot run, notice how fast a less experienced staff member can deploy the solution. If it takes more than one hour, that’s not going to work for a lot of IT teams.
  • Test how fast micro-segments can be connected, especially using two or more privately addressed endpoints across separate networks. If this task seems too complex, cumbersome, or even impossible, it’s time to propose something different. Connections of any kind should be possible through a quick and easy process requiring very little, if any, expertise.
  • Is a great deal of modification to existing infrastructure required to connect and disconnect different devices from separate networks? If the answer is yes, then this is also an unacceptable situation.
  • If a device is determined to be compromised, can it be easily removed from the network? If the answer is no, then this is perhaps the most unacceptable result of all because it puts your entire network at great risk for intrusion and/or downtime.

Achieving a positive outcome from those testing requirements may seem like a tall order, but it really shouldn’t be. Yesterday’s technology has no place in securing and connecting today’s networks. Thankfully, a less costly, less complex solution is readily available.

A well-Tempered solution

Tempered Networks has the technology to effectively secure and connect networks of any size, type, and age through Identity-Defined Networking (IDN) and the revolutionary Host Identity Protocol (HIP). Our solution effectively minimizes cost and complexity. It also comprehensively addresses all five common mistakes explained in this blog series.

  • Virtual local area networks (VLANs) are not used as the heart of the segmentation solution.
  • Neither are access control lists (ACLs).
  • A well-Tempered solution offers fully integrated cloaking, connectivity, and encryption for unprecedented security and connectivity.
  • The scope of your project is irrelevant. Tempered Networks is capable of providing a micro-segmentation solution for organizations of any size.
  • Human error is minimized because even the least tech-savvy staff member can effectively manage the IDN via the incredibly intuitive and powerful user interface called “The Conductor.”

This is the last installment of my 5-part blog series. The key takeaway is that human error is bound to occur, but there are effective ways to minimize the number of times it occurs, as well as the impact it has on your network and overall business.

Contact us today to talk about how Tempered Networks can solve your micro-segmentation needs.
