10 Potential Risk Facing Your IT Department: Multi-layered Security & Network Protection. September 2011

Similar documents
Security Management. Keeping the IT Security Administrator Busy

TASK TDSP Web Portal Project Cyber Security Standards Best Practices

WHITE PAPER. The Need for Wireless Intrusion Prevention in Retail Networks

Larry Wilson Version 1.0 November, University Cyber-security Program Critical Asset Mapping

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

The Payment Card Industry (PCI) Data Security Standards (DSS) v1.2 Requirements:

Application White Listing and Privilege Management: Picking Up Where Antivirus Leaves Off

Deploying Firewalls Throughout Your Organization

Defending Against Data Beaches: Internal Controls for Cybersecurity

Proven LANDesk Solutions

Cloud Assurance: Ensuring Security and Compliance for your IT Environment

ETHICAL HACKING APPLICATIO WIRELESS110 00NETWORK APPLICATION MOBILE MOBILE0001

Critical Security Controls

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Payment Card Industry Data Security Standard

Protecting Your Organisation from Targeted Cyber Intrusion

2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program.

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements

Cisco Security Optimization Service

Guideline on Auditing and Log Management

Top five strategies for combating modern threats Is anti-virus dead?

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Security Solution Architecture for VDI

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Security Services. 30 years of experience in IT business

Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities

Did you know your security solution can help with PCI compliance too?

Chapter 9 Firewalls and Intrusion Prevention Systems

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

IBM Security Intrusion Prevention Solutions

2012 Endpoint Security Best Practices Survey

SANS Top 20 Critical Controls for Effective Cyber Defense

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

Securing Internet Facing. Applications. Technical White Paper. configuration drift, in which IT members open up ports or make small, supposedly

How To Secure Your System From Cyber Attacks

Deploying secure wireless network services The Avaya Identity Engines portfolio offers flexible, auditable management for secure wireless networks.

Reducing the cost and complexity of endpoint management

Next Gen Firewall and UTM Buyers Guide

Beyond passwords: Protect the mobile enterprise with smarter security solutions

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord

ARCHITECT S GUIDE: Comply to Connect Using TNC Technology

WatchGuard Technologies, Inc. 505 Fifth Avenue South Suite 500, Seattle, WA

A Case for Managed Security

Locking down a Hitachi ID Suite server

Zone Labs Integrity Smarter Enterprise Security

A Decision Maker s Guide to Securing an IT Infrastructure

Small and Midsize Business Protection Guide

Secure Your Mobile Workplace

How To Protect Your Network From Attack From A Network Security Threat

Chapter 1 The Principles of Auditing 1

How To Protect Your Mobile Device From Attack

Advantages of Managed Security Services

Achieving PCI-Compliance through Cyberoam

Internet threats: steps to security for your small business

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

Clean VPN Approach to Secure Remote Access for the SMB

Threat Intelligence Pty Ltd Specialist Security Training Catalogue

Making the difference between read to output, and read to copy GOING BEYOND BASIC FILE AUDITING FOR DATA PROTECTION

Beyond the Hype: Advanced Persistent Threats

Driving Company Security is Challenging. Centralized Management Makes it Simple.

5 Steps to Advanced Threat Protection

FileCloud Security FAQ

Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it

End to End Security do Endpoint ao Datacenter

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO p f

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Top 20 Critical Security Controls

Technical Testing. Network Testing DATA SHEET

THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS

BlackRidge Technology Transport Access Control: Overview

Security Issues with Integrated Smart Buildings

Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop

Conquering PCI DSS Compliance

End-user Security Analytics Strengthens Protection with ArcSight

Media Shuttle s Defense-in- Depth Security Strategy

CYBER SECURITY INFORMATION SHARING & COLLABORATION

modules 1 & 2. Section: Information Security Effective: December 2005 Standard: Server Security Standard Revised: Policy Ref:

10 Things Every Web Application Firewall Should Provide Share this ebook

External Supplier Control Requirements

Countering Insider Threats Jeremy Ho

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Firewall and UTM Solutions Guide

Managing Web Security in an Increasingly Challenging Threat Landscape

Content Teaching Academy at James Madison University

Security Practices for Online Collaboration and Social Media

Managed Services. Business Intelligence Solutions

74% 96 Action Items. Compliance

Transcription:

10 Potential Risk Facing Your IT Department: Multi-layered Security & Network Protection September 2011

10 Potential Risks Facing Your IT Department: Multi-layered Security & Network Protection 2 It s common to read stories about security breaches at large enterprises. But big institutions and global brands aren t the only targets or even the prime targets of today s computer crime. Today s profit-oriented professional hackers have automated tools enabling attacks on many soft targets with little effort or risk. So smaller businesses are probed for vulnerabilities on an increasingly-frequent basis, and they can make for easy pickings. Smaller organizations are rarely secured to the same degree as large enterprises. They often lack budget for complex infrastructure and administrative protocols. For logical reasons, they tend to favor IT generalists over security specialists, creating a skills gap in security solution planning and implementation, and a bandwidth gap in management and monitoring. For productivity and cultural reasons, they often have liberal policies for mobility, use of in-office WiFi, installation of unauthorized applications, use of unapproved mobile devices and online services technology populism that brings with it a host of potential vulnerabilities. Many smaller businesses are hard-pressed even to keep up with endpoint, server and asset software patches, so may leave common vulnerabilities in place for exploitation over long periods of time. In general, SMBs are no match for professional interlopers from organized crime to rogue nation-states launching a palette of attacks ranging from email phishing to social engineering to so-called Advanced Persistent Threats. And SMB defenders need to at least try to thwart every possible attack, but attackers only need to find one vulnerability to wreak havoc. A layered security strategy overlapping security solutions for VPN, network, servers, data and endpoint device management and policy enforcement protects assets behind several lines of defense. But a fully-articulated layered security system is something that even large enterprises with resources and specialized IT talent are sometimes challenged to deploy. Enterprise-scale solution suites are expensive, complex, and involve many moving parts.

10 Potential Risks Facing Your IT Department: Multi-layered Security & Network Protection 3 What smaller organizations need is a simplified solution for layered security: where non-specialized IT personnel package core infrastructure pieces for easy installation, configuration, management, and use. Here are ten reasons why such a right sized layered security solution may be the right choice for your business. The Internet is out there (but also in here). Your business cannot run without the Internet. But most threats to your security originate there in fact, a recent Symantec study noted that over 98% of threats to confidential information involved remote access; and denialof-service (DoS) and other transactional attacks typically strike from the Net. But it s also wrong to view network security in terms of a simple, inside vs. outside model. For example, about a third of incidents reported by SMBs involve insider misuse of network or server access. This is, of course, not all malicious a guest who hops onto your WiFi or plugs into a spare LAN port is probably just checking their email. But in some cases unauthorized access can become a real threat. Zone-based firewalls are the classic answer. Modern firewalls protect against unsponsored traffic, can be used to black-hole DoS attacks, and can maintain internal VPN zones that isolate guest network services, and provide controlled access to intranet and application servers. The trouble is that firewalls can be complex and hard to configure something that SMB layered security solutions take pains to manage by providing intelligent defaults and simple, Wizard-based configuration and management interfaces. The top solutions package core firewall functionality with VPN remote access and content filtering (see below), creating a one-box solution that covers a range of threats from inside and outside your organization, and can even offer a secure portal enabling outsourcing and remote intervention by specialized security service providers. Remote access threats. It s a given that you need to give employees, partners and others access to your network from outside. But the only safe way to do this is via a Virtual Private Network or VPN, which authenticates and encrypts traffic from authorized endpoints to your network edge and provides controlled access to critical assets. Making VPN a part of a highperformance, one-box network security solution makes huge sense: earning economies of scale through sharing of underlying compute, storage, network interface and network-content processing components, and providing a single interface for user-account creation, management, and revocation.

10 Potential Risks Facing Your IT Department: Multi-layered Security & Network Protection 4 Browser threats. The web is critical to productivity, but browsers represent fairly serious threats to security: they vector malware, carry phishing attempts, enable esoteric remote attacks like Cross-Site Request Forgery and can be compromised to communicate your data or reveal your passwords to bad actors in the outside world. Web filtering, performed at the network edge, provides a bulwark against all these potential threats. But like firewalls, filtering systems can be hard to configure and keep up to date unless they re packaged and maintained as part of a comprehensive network security appliance solution. Email threats. Email is another classic attack vector for introducing malware, performing phishing and other forms of impersonation for social engineering, and is a common route for abuse and for the improper release (whether voluntary or involuntary) of PII and other regulated information. Email is also the mainstay of compliance, auditing, and proving due diligence under any regulatory regime. So email integrity is essential in managing all forms of business risk. For this reason, it makes sense, even within the context of an otherwise comprehensive layered security plan, to treat email as a special case and give it another layer of protection. The good news is that top-rated email security systems are improving radically, offering malware and spam protection, boundary encryption to protect partner communications, sophisticated administration controls, and end-user-empowering features such as the ability to define and manage whitelists, and tune spam settings within policy guidelines. Vulnerable endpoints. Laptops, desktops, and mobile devices can be targets for malware, rootkit, and other attack software insertion. Once compromised, the data they contain and the information they transmit becomes accessible to black hats, betraying company and employee security. Keeping endpoint devices protected, however, is a tall order. Safety depends on patching the OS and authorized applications regularly, maintaining antivirus and filtering apps, configuring machines for maximum resilience, and enforcing policies for which apps can be installed, and which can t. Doing this effectively demands automation: the best system management solutions use auto-discovery technologies to help you inventory equipment and track assets; provide and enforce configuration management; perform updates and patches; and insure that security configurations aren t altered by end-users. These are all important parts of the System Management functionality required by a layered security system.

10 Potential Risks Facing Your IT Department: Multi-layered Security & Network Protection 5 OS deployment. Upgrading desktop and laptop operating systems may be the single most effective move you can make for security not only because newer operating systems are more secure, but because the upgrade process cleanses systems and provides a change-up point for negotiating new security protocols with users. For this reason, the System Management feature set of a layered security solution should provide an OS deployment facility. Vulnerable browsing. Despite web filtering, antivirus, and browser security, browser-based transactions always carry some risk of compromise. An effective solution is to deploy proxy browsers in place of standard desktop browsing software: a proxy browser is a virtualized instance usually of a popular browser such as Firefox that runs in a controlled sandbox with zero access to host machine storage and other features. The use of virtualization insures that even exploits aimed at the model browser s known vulnerabilities can t be used to compromise your machines or data, or your users security. Vulnerable data. Access control and intrusion prevention systems sometimes fail, and no peripheral defense is proof against an inside job. Deep encryption of proprietary and critical files can mitigate this risk and help prevent data loss. Modern, enterprise file-based encryption solutions run transparently, encrypting files in ways that don t inhibit authorized use while protecting them in transit and in storage, both on the company premise and when files are copied to thumb drives or removable media. Late night attacks. The nature of Advanced Persistent Threats is just that: persistence. Automated attack machines probe for vulnerabilities around the clock, and DoS and other attacks can take place at any hour, a real threat when their goal isn t so much to deny service as to exploit buffer-overrun and other vulnerabilities to compromise your network perimeter. Security monitoring is the answer: a combo of human specialists and automated tools that review real-time network traffic and stay on top of the emerging threat landscape, so they can recognize suspicious activity and intervene before security is breached. Comprehensive SMB layered security solutions may use on-premise equipment to enable remote monitoring and intervention.

10 Potential Risks Facing Your IT Department: Multi-layered Security & Network Protection 6 Endpoint authentication threats. SMBs commonly use password-only protection for endpoint machines and even for access to critical shared assets. These days that s not enough passwords are easy to crack, guess, or compromise through social engineering, and compromised endpoint devices can easily become portals for accessing your proprietary information. Good authentication ideally a two-factor authentication system requiring both a password and a token (i.e., something you know and something you have ) can help solve this problem. But two-factor authentication schemes can be complex, challenging to manage, and difficult for users. A complete layered security solution for SMBs will incorporate several options for improved endpoint and asset/server authentication the best will support not just dongle and smartcard-based systems, but also biometrics, which may be easier to use and just as secure.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information