Is it time to review your network security strategy?
Network security is becoming one of the most important factors for business success. According to Forbes, ‘Worldwide spending on information security products and services will reach over $114 billion in 2018, an increase of 12.4% from last year’. Expenditures are expect to increase even more during 2019. These figures certainly raise our attention! Is your database security up to par? Do you have robust cybersecurity policies? If the answer to either of these questions is ‘No’, you may need to review your IT strategy and budget. You need to be ready to combat emerging cybersecurity threats to protect your business and profits.
As network security budgets increase, cybersecurity performance expectations will rise. Accordingly, many (most?) cybersecurity policies need updating to achieve the company’s cybersecurity performance goals. As well, company management will almost certainly apply pressure to control cost and deliver on objectives. Therefore, you should invest in your network security budget wisely, to get the most benefit possible. In this post, we provide discussion on some areas of network security that have the potential to make a positive impact on your business.
In recent history, more companies embrace cybersecurity policies that allow BYOD (Bring Your Own Device) in the work environment. This is justified, considering the proliferation of devices that have some form of connection to company networks. Your cybersecurity policies and help you manage BYOD security risks in a variety of ways.
Focus is shifting from external to internal threat control. Most companies are finding that BYOD security management for 3rd party services is becoming easier to manage. Some companies are finding difficulty managing BYOD policy internally. Employees are increasingly using their smartphones for work purposes. Some companies ‘cybersecurity policies allow this activity because the trend of increased BYOD usage correlates with improved worker productivity. Unfortunately, increased BYOD usage also increases the opportunity for a hacker to invade the network. BYOD policy needs to promote the responsible use of personal devices, ensuring the installation of software updates and patches when available. Companies can also reduce exposure to smartphone-based cyber-attacks by providing smartphones to employees as part of the employees’ compensation packages. This allows the company to approve applications installed on smartphones connected to the network. Similarly, network security administrators can keep track of security features and versions on the company provided smartphones. Essentially, this is a shift away from true BYOD.
If you decide to keep true BYOD active in your company, you need to consider relevant security measures. A few security concerns, specific to BYOD cybersecurity policy:
- Will the company provide hardware trouble shooting support? Very often, companies elect to forego provision of BYOD device support. If the employee has a technical problem with their own device, they will have to resolve the problem using their own resources.
- Will the employee store company owned data on the BYOD device? You may decide to allow this practice in order to promote efficiency and productivity. If so, you need to consider how to implement rules to ensure employees do not expose company data to theft. Also, the BYOD policy should address the company’s right to access the employees BYOD device for purposes of retrieving company data.
- Ensure security of the BYOD to network connections.
Control of All Hardware and Software Connected to Your Network
Do you know when an unapproved or unsecured asset connects or software runs on your network? This is a key concern if you allow BYOD devices to connect to the network. The topic ‘BYOD Policy’ addresses most of the BYOD security concerns. However, even using company provided hardware allows potential for invasion.
Cloud Based Storage: Not all clouds have the same level of database security protection. Make it your business to understand the level of security maintained by the cloud service.
Be aware of all software and assets connected to your network: Employees often download applications from a variety of sources. Even when the employee uses the application without accessing data stored on the network, there is still a risk of malicious code invading the network. Employees need to understand that the company must approve all software before installing on a company computer.
Connection Approval: You need to ensure control of settings and configuration on all hardware and software connected to your network. This is necessary to provide adequate security.
Blocking Unapproved Applications: Implementing a zero tolerance policy for unapproved assets or software can help you limit the network’s exposure to harmful code. You can configure the network to automatically block any software that has not received approval by network administration. When an employee wants to use an application that interfaces with the network, this policy will provide opportunity to ensure the proper security measures are in place.
Network Security Administration Upgrade
Cybersecurity threats are on the rise, and complexity of network security solutions is increasing. To meet these challenges, many companies are providing greater focus on network security administration. They understand that effective network security administration now requires focused approach. The challenge and workload is too great for a network administrator to effectively manage by themselves. Some companies now separate the role of network security administrator from the all-encompassing network administrator role.
The role of the Network Security Administrator (NSA) is to ensure compliance with company cybersecurity policies. The NSA also is responsible to ensure relevancy of the company’s security protection programs. However, this does not mean that the NSA is solely responsible for implementing network security in all departments. The trend is for the NSA to oversee policy and provide operational support to personnel responsible for implementing network security in each department. The primary goals of this organizational structure are to unify security administration across the company, and to promote department ownership of security performance.
You can fill the NSA role with company staff or you can outsource it. Resource constraints force many small to medium-sized companies to outsource overall network administration, including the role of Network Security Administrator.
Cloud Based Dynamic Security as a Service
The range of applications used by employees in the daily course of business continues to expand. Unfortunately, the range of cyber-attacks seems to be keeping pace. The combination of these factors requires very frequent software patches and security upgrades. This activity consumes significant time and resources, very often more than a small or medium sized company can reliably deliver.
In response to this challenge, service providers are now offering Cloud Based Dynamic Security as a Service (CBDSaaS). With CBDSaaS, companies are moving away from large piece-meal updates, and receiving updates as soon as new versions and patches arrive. The dynamic nature of the service results in frequent small scope updates and patches. This reduces exposure time to emerging cyber threats.
CBDSaaS typically includes services such as IPS updates (Intrusion Protection Service), website whitelisting/blacklisting, and other common security tasks. Another emerging aspect of CBDSaaS is multi-cloud security solutions. This allows for unification of security policy across multiple public and private cloud platforms, improving your database security.
CIS (Custom Information Services) includes CBDSaaS as part of their standard MSP services. This improves your database security at affordable rate.
Network Penetration Risk Reduction
Effective use of a cybersecurity budget will yield success in reducing exposure to cyber threats. The list below provides a few ways to leverage your IT budget to reduce your exposure to cyber-attack. You may find benefit in reviewing your cybersecurity policies to account for these aspects of network security.
Penetration Testing: There is a growing trend toward more frequent penetration testing. This is a good way to learn your network’s cybersecurity vulnerabilities. Penetration testing can help you identify weaknesses and provide focus to help you reduce your risk of penetration. Cybercriminals are using AI to enhance identification of better targets and to efficiently find weak points for access. They also use AI to help them customize attacks. The cybersecurity industry is now using AI to fight back. Automation and AI (artificial intelligence) are making penetration testing more affordable and less time consuming.
Remote Browsers: Remote browsing uses a cloud to provide the browser application, rather than launching the browser on your local computer. Thus, the remote browser isolates users browsing sessions from end points and the network. Do your cybersecurity policies promote or enforce use of remote browsers?
Real Time Change Auditing Solutions (RTAS): This class of products alerts administrators to user privilege abuse and suspicious file/folder activity. You can prompt alerts based on a single event or a threshold condition. RTAS can detect account modifications, deletions, inactive user accounts, privileged mailbox access and a lot more.
Multi-Factor Authentication (MFA): Most companies are still using single factor authentication (SFA), but trend toward MFA is increasing. SFA is much more accessible to attack simply because there is only one initial entry barrier to user access to the network. SFA is most often embraced by using of a combination of user ID and password. You can couple other identification methods with UID/PW to produce a MFA barrier. Examples of other ID technologies include retina scanning, fingerprint matching, or code transmission to another device or email address.