The fundamentals of network security and cybersecurity hygiene

By | 6:13 PM Leave a Comment

Infrastructure and network security

The two fundamental building blocks to ensuring that your data is secure are physical infrastructure and network security. Understanding and protecting your information from threats and human error require meticulously layered security protocols.

Physical infrastructure

Last year, British Airways canceled over 400 flights and stranded 75,000 passengers because of an IT outage caused by an engineer who disconnected a power supply at a data center near London’s Heathrow airport. When it comes to data centers and networks, even minor human errors can have a major impact on businesses and their customers.

With the exorbitant costs and human resources required to maintain an on-premise system, organizations should be looking to the public cloud companies who have the necessary resources to properly manage and secure their data centers.

Public cloud companies bring capital and expertise to the table. Their physical infrastructure and data centers are much better protected than what most companies could put in place on their own. For example, Google’s focus on security and data protection is ingrained in their company culture and technology solutions. With that in mind, it is the primary design criteria when they are constructing their data centers.

Google uses a layered security model that includes safeguards like custom-designed electronic access cards, alarms, vehicle access barriers, perimeter fencing, metal detectors, biometrics, and laser beam intrusion detection on the data center floor. The data centers are also monitored 24/7 by high-resolution cameras that can detect and track intruders. Access logs, activity records, and camera footage are available in case an incident occurs. Furthermore, it is only possible to access the data center floor using a security corridor which features multi-factor access control that requires a security badge and biometric confirmation. Only approved employees with specific roles are provided with the credentials necessary to enter it.

Network security

If you think that your firewalls are secure, think again. Physical security is important but protecting your network is just as vital. It’s like an arms race between the defense – on-premise firewalls and security systems – and hackers. Almost half (48%) of organizations who suffered a cyberattack identified the root cause of their data breach as a malicious or criminal attack.

Not only are internally-built firewalls typically poorly managed and more vulnerable to being hacked, they are also unable to provide organizations with the necessary risk alerts. The only companies that truly have enough properly trained staff and dedicated resources to stay on top of network security are public cloud companies.

With so many vulnerabilities out there, from the five backdoors that Cisco discovered this year to the notorious USB Conficker worm, you need the best protection. Without regular maintenance, hackers can and will break through your firewalls and other off-the-shelf security software. Merely having a firewall is not enough to ensure that the data that is housed in your company’s network is secure. However, the constant testing, maintenance, and upgrades are too rigorous for many businesses trying to go it alone.

On the other hand, some top cloud companies employ hundreds of security and privacy professionals in their software engineering and operations divisions. Employees of public cloud companies include some of the world’s foremost experts in data, application, and network security – publishing hundreds of research articles on information security and cryptography every year. Their highly specialized teams are broken down into more agile departments that are dedicated to disciplines that include security, privacy, internal audit and compliance, and operational security. This level of specialization ensures that customers’ security needs receive even more detailed attention.

Software updates

Many of the network vulnerabilities described in the previous section were quickly fixed by the vendors after they were found, but this is not enough. Companies also need to update their operating systems, databases, and web servers for the patches to be applied. Many are neglecting this responsibility. When software isn’t properly updated to protect against the latest cyber threats, the entire company is put at risk.

When it comes to software maintenance, there’s more to it than upgrade and installation costs. The ability to keep a company’s software stack updated is also dependant on the capabilities of the corporate IT team and the individual employees who use company-issued or personal devices for work. It’s also challenging to update systems and devices without service interruptions. Many IT departments will delay the deployment of critical updates to minimize the impact of interruptions.

This is a common pitfall of organizations who use software beyond the official end of support date. This puts such organizations at a huge risk, not being able to patch critical vulnerabilities. For example, as was the case with WannaCry. Patches for the old software were not available as the end of support date was in 2014.

The implications of a software vulnerability can be as severe as any other IT security breach. For example, IHG released data showing that cash registers at more than 1,000 of its properties were compromised by malicious software that was designed to siphon customer debit and credit card data.

Employing dedicated vulnerability management, malware prevention, and monitoring teams, Google provides its customers with a secure business platform. Google’s malware strategy uses manual and automated scanners to scour their search index for domains that may be vehicles for malware or phishing schemes. Google also utilizes multiple antivirus engines in Gmail and Drive as well as on their servers and workstations to help identify malware that may have been missed by other antivirus programs.

User authentication

Getting document permissions and user authentication right goes a long way to ensuring proper organizational security. It’s important to make sure that the people who are accessing your data are who they say they are. This can be achieved with strong passwords, multi-factor authentication, and physical security keys; all things in which public cloud companies are investing heavily.

For example, Google’s Titan Security Key uses multi-factor authentication to protect users from attacks. Hackers may be able to steal your password in the digital world but they will have a much harder time stealing a physical security key. With multi-layered authentication practices, organizations reduce the risk of unauthorized persons being able to pose as approved users.

Just look what happened back in 2017 when Deloitte, once named “the best cybersecurity consultant in the world” by Gartner, failed to use multi-factor authentication. Hackers were able to access Deloitte’s network after cracking the password of an administrator account that didn’t require multi-factor authentication. This gave the cybercriminals unrestricted access to the company’s emails and email attachments. Had Deloitte been using multi-factor authentication, the hackers would not have had the secondary identifier that they would have needed to log in and the account owner would have been alerted about the unauthorized use of their account – things that would have likely prevented the breach.

Still, it’s not just about passwords. It’s also about having the right policies and procedures in place. A public cloud solution provides customizable permissions and integrated workflows that help improve security and increase productivity. Organizations can monitor who is trying to access their network and proactively block unknown devices from connecting.


from Help Net Security https://ift.tt/2ABGsul

0 comments:

Post a Comment