Secure Your Network. Here’s How

How many of us really  know how cyber security works or its priority level in an organisation? To give a broader picture, the rising awareness among company heads regarding the business impact of IT security incidents is already driving the global spend on security, slated to grow at a CAGR of 7 per cent globally. An independent estimate suggests that the global annual IT security spend will reach north of $93 billion in 2018.

So, how do companies protect themselves against any form of cyber attack? To start with, there are many moving parts to building cyber defenses; the most important is to find vulnerabilities across the entire digital footprint of an enterprise. The three layers of security are cyber security, network security, and information security. The layers are not exactly exclusive areas but intersect with each other and thus often lead to a semantic conundrum. Simply put, cyber security is about external threats, network security is about internal threats, and information security is about protecting data and information from getting lost or stolen.

External threats become internal threats when a hacker or the malicious entity breaks into a network asset, for example, an endpoint device like a Desktop or a printer. Research suggests that Enterprises can bring in significant improvements to their security profiles through enabling basic hygiene factors when it comes to IT security. Here are 10 tips for IT administrators to secure the Enterprise network:

Patch: Set up all endpoints and network devices for automatic software and OS updates. An unpatched machine is more likely to have software vulnerabilities that can be exploited.

Secure DNS: There are websites that distribute infected programmes, applications and Trojan files. Another threat exists in the form of poisoned DNS attacks, whereby a compromised DNS server directs you to an unauthorised web server. Users can protect themselves from DNS threats by changing the way their computers process DNS services.

Secure connections: Mandate employees to use VPN or remote connectivity and secure file transfer options when off campus.

Inventory: It is challenging to keep track of all devices connected in the network. Network discovery tools bring a lot of value as they identify and list all hardware/software components, and can also go one step further and identify software installations that provide weak security configurations.

Beyond firewalls: Firewalls help stop incoming threats, but you still require formalised management, destruction and archival procedures for your electronic data. Threats can also come from wireless networks, dial-up modems, and internal employees. Such threats often bypass firewall protection. Next-gen security devices like the Cisco UTM Appliance could provide the ability to detect and stop a much more comprehensive array of attacks than a standard firewall, however; some attacks may pass through the device.

Employees, a hidden threat? The Computer Security Institute estimates that between 60 and 80 per cent of network misuse comes from within the organisation. To mitigate the risk of a threat, dealers should have an Internet content filtering solution that will prevent employees from visiting inappropriate or virus filled websites.

Monitor day and night: Obviously you cannot have your staff watching 24/7 to see when an attack happens and respond to it but you can have a ‘network behaviour anomaly detection’ tool to integrate with the threat-centric NAC  (network access control) solution to respond to security events. Thereby looking across the entire attack continuum, before, during and after an attack.

Fight malware:  The power of having Advanced Malware Protection(AMP)  everywhere within an organisation’s security infrastructure is really the power of having more eyes in more places. Malware moves quickly, works together with other malware in the environment and attacks via e-mail, web, on the endpoint, mobile devices, the list goes on. Get maximum visibility and control into as many attack vectors as possible. Single AMP deployments are powerful on their own.

Many organisations are okay with, for instance, deploying AMP at the endpoint or deploying AMP at the network to get the amount of visibility and control they need. However, many choose to deploy AMP simultaneously at multiple security control points to increase security effectiveness for the organisation. With AMP in more places, you get more eyes watching more attack vectors, continuously monitoring for malicious behaviour across the extended network.

Enable threat-centric NAC: Centralise and unify network access policy management to provide consistent, highly secure access to end users, whether they connect to your network over a wired, wireless, or VPN connection. Also, simplify guest experiences for easier guest onboarding and administration. Streamline BYOD and enterprise mobility with easy, out-of-the-box setup for self-service device onboarding and management.

Gain greater visibility and more accurate device identification and device profiling. NAC would help reduce the number of unknown endpoints and potential threats on your network.

Secure e-mail traffic: More than 100 billion corporate e-mail messages get exchanged on any given day. An e-mail security solution should provide inbound e-mail security and outbound e-mail control, spam filtering, reputation filtering, virus outbreak filters provide zero-day virus protection and work along with integrated virus signatures. Corporate risk must also be reduced through embedded data loss prevention (DLP) functions, which can detect sensitive content, patterns or images in a message body or within attachments. Must be able to filter/block e-mail attachments.

There are multiple vendors and multiple point solutions available in the market to support every area discussed here. However, it makes sense to go ahead with a single vendor with an integrated hardware and software solution for network security -- the IT security vendors.

Security breaches are, by far, the most significant business risk in the digital age. Be proactive in ensuring the safety of your digital assets and thus protect the corporate reputation, data and information.