Is it time to review your network security strategy?
Network security is becoming one of the most important factors for business success. According to Forbes, ‘Worldwide spending on information security products and services will reach over $114 billion in 2018, an increase of 12.4% from last year’. Network security services costs are expected to increase even more in the near future. These figures certainly raise our attention! Is your database security up to par? Do you have robust cybersecurity policies? If the answer to either of these questions is ‘No’, you may need to review your IT strategy and budget. You need to be ready to combat emerging cybersecurity threats to protect your business and profits.
As network security budgets increase, cybersecurity performance expectations will rise. Accordingly, most cybersecurity policies need updating to meet the company’s security performance goals. In addition, company management will almost certainly apply pressure to control costs and deliver on network security objectives. Therefore, you should invest your network security budget wisely to get the most benefit possible. In this post, we discuss some areas of network security that have the potential to make a positive impact on your business.
In recent years, more companies have embraced cybersecurity policies that allow BYOD (Bring Your Own Device) in the work environment. This is justified, considering the increasing number of devices that have some form of connection to company networks. Your cybersecurity policies can help you manage BYOD security risks in a variety of ways.
Focus is shifting from external to internal threat control. Some companies are finding it difficult to manage BYOD policy internally and are turning to third-party managed services for help. As employees are increasingly using their smartphones for work purposes, some companies’ cybersecurity policies allow it because BYOD usage correlates with improved worker productivity. Unfortunately, increased BYOD usage also increases the opportunity for a hacker to invade the network. BYOD policy needs to promote the responsible use of personal devices, ensuring the installation of software updates and patches when available. Companies can also reduce exposure to smartphone-based cyber-attacks by providing smartphones to employees as part of the employees’ compensation packages. This allows the company to approve applications installed on smartphones connected to the network. Similarly, network security service administrators can keep track of security features and versions on the company-provided smartphones. Essentially, this is a shift away from true BYOD.
If you decide to keep true BYOD active in your company, you need to consider relevant security measures. A few network security concerns, specific to BYOD cybersecurity policy:
- Will the company provide hardware troubleshooting support? Very often, companies elect to forego the provision of BYOD device support. If the employee has a technical problem with their own device, they will have to resolve the problem using their own resources.
- Will the employee store company-owned data on the BYOD device? You may decide to allow this practice in order to promote efficiency and productivity. If so, you need to consider how to implement rules to ensure employees do not expose company data to theft. Also, the BYOD policy should address the company’s right to access the employees’ BYOD device for purposes of retrieving company data.
- Ensure the security of BYOD-to-network connections.
Control of All Hardware and Software Connected to Your Network
Do you know when an unapproved or unsecured asset connects to your network, or when unapproved software runs on it? This is a key concern if you allow BYOD devices to connect to your IT network and systems. The topic ‘BYOD Policy’ addresses most of the BYOD security concerns. However, even using company-provided hardware allows the potential for invasion.
Cloud-Based Storage: Not all cloud applications have the same level of database security protection. Make it your business to understand the level of security maintained by the cloud service.
Be aware of all software and assets connected to your network: Employees shouldn’t have the ability to download applications without approval from your IT department or IT partner. All employees need to be trained on your network security policies and strong network management tools should be in place.
Connection Approval: You need to ensure control of settings and configuration on all hardware and software connected to your network. This is necessary to provide adequate security.
Blocking Unapproved Applications: Implementing a zero-tolerance policy for unapproved assets or software can help you limit the network’s exposure to harmful code. You can configure the network to automatically block any software that has not received approval by the network administration. When an employee wants to use an application that interfaces with the network, this policy will provide an opportunity to ensure the proper security measures are in place.
Network Security Administration Upgrade
Network security threats are on the rise, and the complexity of IT security solutions is increasing. To meet these challenges, many companies are placing a greater focus on network security administration. They understand that effective network security administration now requires a focused approach. The challenge and workload are too great for a network administrator to manage effectively alone. Some companies now separate the role of network security administrator from the all-encompassing network administrator role.
The role of the Network Security Administrator (NSA) is to ensure compliance with company cybersecurity policies. The NSA is also responsible for ensuring the relevancy of the company’s security protection programs. However, this does not mean that the NSA is solely responsible for implementing network security in all departments. The trend is for the NSA to oversee policy and provide operational support to personnel responsible for implementing network security services in each department. The primary goals of this organizational structure are to unify security administration across the company and to promote department ownership of security performance.
You can fill the NSA role with company staff or you can use a managed service provider.
Cloud-Based Dynamic Security as a Service
The range of applications used by employees in the daily course of business continues to expand. Unfortunately, the range of cyber-attacks seems to be keeping pace. The combination of these factors requires very frequent software patches and security upgrades. This activity consumes significant time and resources, very often more than a small or medium-sized company can reliably deliver.
In response to this challenge, service providers are now offering Cloud-Based Dynamic Security as a Service (CBDSaaS). With CBDSaaS, companies are moving away from large piecemeal updates and instead receive updates as soon as new versions and patches arrive. The dynamic nature of the service results in frequent small-scope updates and patches. This reduces exposure time to emerging cyber threats.
CBDSaaS typically includes services such as IPS updates (Intrusion Protection Service), website whitelisting/blacklisting, and other common security tasks. Another emerging aspect of CBDSaaS is multi-cloud security solutions. This allows for the unification of security policy across multiple public and private cloud platforms, improving your database security.
Network Penetration Risk Reduction
Effective use of a cybersecurity budget will yield success in reducing exposure to cyber threats. The list below provides a few ways to leverage your IT budget to reduce your exposure to cyber-attack. You may find benefit in reviewing your cybersecurity policies to account for these aspects of network security.
Penetration Testing: There is a growing trend toward more frequent penetration testing. This is a good way to learn your network’s cybersecurity vulnerabilities. Penetration testing can help you identify weaknesses and provide focus to help you reduce your risk of penetration. Cybercriminals are using AI to enhance the identification of better targets and to efficiently find weak points for access. They also use AI to help them customize attacks. The cybersecurity industry is now using AI to fight back. Automation and AI (artificial intelligence) are making penetration testing more affordable and less time-consuming.
Remote Browsers: Remote browsing uses a cloud to provide the browser application, rather than launching the browser on your local computer. Thus, the remote browser isolates users’ browsing sessions from endpoints and the network. Do your cybersecurity policies promote or enforce the use of remote browsers?
Real-Time Change Auditing Solutions (RTAS): This class of products alerts administrators to user privilege abuse and suspicious file/folder activity. You can prompt alerts based on a single event or a threshold condition. RTAS can detect account modifications, deletions, inactive user accounts, privileged mailbox access and a lot more.
Multi-Factor Authentication (MFA): Most companies are still using single-factor authentication (SFA), but the trend toward MFA is increasing. SFA is much more accessible to attack simply because there is only one initial entry barrier to user access to the network. SFA is most often implemented as a combination of user ID and password. You can couple other identification methods with UID/PW to produce an MFA barrier. Examples of other ID technologies include retina scanning, fingerprint matching, or code transmission to another device or email address.
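The two alert modes described under Real-Time Change Auditing Solutions above (a single event, or a threshold condition) can be sketched as follows. This is an added example, not code from the original post or from any RTAS product; the event names, the record layout, and the limit of three deletions per minute are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample audit events: (timestamp, actor, action, target).
EVENTS = [
    ("2024-05-01T09:00:05", "jsmith", "file_delete", "/finance/q1.xlsx"),
    ("2024-05-01T09:00:20", "jsmith", "file_delete", "/finance/q2.xlsx"),
    ("2024-05-01T09:00:45", "jsmith", "file_delete", "/finance/q3.xlsx"),
    ("2024-05-01T09:02:00", "admin2", "privileged_mailbox_access", "ceo@example.com"),
    ("2024-05-01T09:10:00", "bwong", "file_delete", "/tmp/a.txt"),
    ("2024-05-01T09:13:00", "bwong", "file_delete", "/tmp/b.txt"),
    ("2024-05-01T09:16:00", "bwong", "file_delete", "/tmp/c.txt"),
    ("2024-05-01T09:20:00", "svc_hr", "account_delete", "tlee"),
]

# Assumed rule set: these actions alert on every occurrence...
SINGLE_EVENT_ACTIONS = {"account_delete", "privileged_mailbox_access"}
# ...while these alert only at N occurrences by one actor inside a time window.
THRESHOLD_RULES = {"file_delete": (3, timedelta(minutes=1))}


def audit(events):
    """Return alerts as (timestamp, actor, action, rule_kind) tuples."""
    alerts = []
    recent = defaultdict(deque)  # (actor, action) -> timestamps still in window
    for ts, actor, action, _target in sorted(events):
        when = datetime.fromisoformat(ts)
        if action in SINGLE_EVENT_ACTIONS:
            alerts.append((ts, actor, action, "single-event"))
        if action in THRESHOLD_RULES:
            limit, window = THRESHOLD_RULES[action]
            seen = recent[(actor, action)]
            seen.append(when)
            # Drop occurrences that have aged out of the sliding window.
            while when - seen[0] > window:
                seen.popleft()
            if len(seen) >= limit:
                alerts.append((ts, actor, action, "threshold"))
                seen.clear()  # restart the count so one burst raises one alert
    return alerts


if __name__ == "__main__":
    for alert in audit(EVENTS):
        print(alert)
```

The three deletions by `bwong` are spread over six minutes and raise nothing, while the same count by `jsmith` inside 40 seconds raises one threshold alert.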
When a network experiences an attempt to breach security, you need to take immediate action to limit the risk of harm to any part of your network and your business. Unless your system is continuously monitored, windows of opportunity may result in a major problem. 24/7 monitoring significantly reduces your exposure to an escalation of a cyber-attack. CIS provides 24/7 monitoring services that can help you limit your network security risk.
Network Attack Detection and Prevention
Network attacks occur in many and complex ways. You can learn some basics about different modes of attack from a recent CIS blog post ‘Hackers Are Ready for You, Are You Ready for Them?’. In this blog post, you will learn ways to detect attacks and ways to prevent them from escalating into a major problem.
Employee Cybersecurity Training
One critical aspect of cybersecurity is employee cybersecurity training. Employee activity continues to present significant cybersecurity risks, particularly when your company maintains a BYOD policy. In addition to the section above on BYOD Policy, we explain this risk factor in greater detail in the CIS blog post ‘8 BYOD Network Security Risks’.
The CIS blog post ‘Top Tips for Keeping Up With Employee Cybersecurity’ describes some of the key employee-related cybersecurity risks, and provides recommended actions you can take to reduce exposure.
Data Backup and Disaster Recovery
The risk of a network attack is always present, even with a high level of network security measures applied. In addition, other threats, such as natural disasters (e.g. fire, server crash, flood), can cause loss of data and interrupt business continuity. For these reasons, a business needs to maintain a complete backup of all business-critical data and a workable, tested disaster recovery plan.
Security software needs updating as cybersecurity threats continue to evolve. This is true for cybersecurity software as well as software and operating systems that have built-in cybersecurity features. Companies can achieve this objective in a variety of ways, including software leases that include automatic cybersecurity updates as part of the contract lease rate. Others delegate this task to an IT MSP and integrate this service as part of overall IT systems maintenance and monitoring.