Secure Your Network Data
by Mark Allen, Director of Technology
With cybersecurity on everyone’s minds today, the sense of urgency surrounding this critical issue is ever increasing as threats continue to evolve.
Gone are the days when businesses and government entities could rely on their firewalls alone for protection. And as the world becomes increasingly connected via the cloud and the Internet of Things (IoT), threats can now penetrate businesses and organizations in ways previously unheard of.
In addition, internal threats are becoming an increasing concern as security measures to thwart external threats have improved dramatically due to increasingly reliable firewalls.
That’s why integrated IT solutions are so important as you evaluate how you can prevent your organization from becoming the next victim of a data breach.
No exceptions . . . every industry’s at risk
A few years ago, Target experienced a massive cybersecurity breach through the company’s heating, ventilation, and air conditioning (HVAC) system. Hackers stole login credentials belonging to a vendor that provided Target with HVAC services and used that access to gain a foothold on Target’s payment systems.
And more recently, Marriott fell victim to a major database breach involving its Starwood reservation system, potentially affecting 500 million guests worldwide.
While these examples of cybersecurity breaches pertain only to the retail and hotel industries, it’s important to remember that every industry is at risk, as well as local, state and federal government.
Focus turns to internal threats
While highly reliable firewalls are typically relied on as the main line of defense from external threats, research indicates that only 25 percent of these threats originate from outside an organization. Internal data is what’s now more at risk.
As businesses become increasingly reliant on cloud-based technology, everything associated with the cloud, including applications, vendors, contractors and a host of connected devices, poses a risk.
And if the devices that have credentials to be on your network are compromised — such as an infected email that makes it through your firewall and now becomes an internal issue — the looming question then is: how do you stop that threat and quickly remediate it?
For instance, even though you may be relying on your firewall to prevent a data breach in your network via the Internet, what happens if one of your printer IP addresses gets hacked, providing access to your accounting database?
Recognize network abnormalities
One of the keys to effective data security is not just responding to the most obvious threats but recognizing all abnormalities on your network so that you can immediately quarantine and remediate any threat.
When the A.P. Moller-Maersk (APM) Terminal at the Port of Los Angeles fell victim last year during the global Petya ransomware attack, it shut down for two days at a cost of $140,000 per hour. If the terminal had had better cybersecurity analytics through integrated IT solutions, it would have been able to identify the threat and quarantine it immediately.
Even though you may be under the impression that your data is fully protected through firewalls, you need complete network visibility. That means proactively knowing which people and devices on your network have internal access from the outside.
The best way to accomplish this is through network access control. This enables you to profile everyone on your network and define how and when they are allowed to access it. If they don’t follow your preset parameters correctly, they should be denied access.
The same holds true for all of your IoT devices that provide risky exposure to your network, including sensors, cameras, printers and more. Even your vending machines and HVAC system can all have IP addresses as part of IoT, and if hacked, will provide access to your network. Profiling the ports on all of your IoT devices will prevent any malicious internal threats due to improper access attempts.
What you can do now
Following are a few recommendations that will help you secure your data using integrated IT solutions:
- Profile all of the devices on your network through network access control (NAC).
- Employ User Entity Behavior Analytics (UEBA). UEBA essentially provides machine learning baselines that will, for example, prevent someone in your human resources department from accessing your accounting records. UEBA will flag that behavior as an anomaly and shut down their access attempt.
- Via UEBA, establish a risk assessment for who and what is on your network. By creating risk scores as part of this process, you can set risk assessment levels that, when exceeded, cause UEBA to quarantine the threat.
- Carefully define and constantly monitor what your various devices, such as security cameras, are intended for. Should they do anything beyond what is expected of them, that will be flagged as a potential threat to your data network.
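The sketch below is an added illustration of the last three recommendations, not code from VectorUSA or from any NAC or UEBA product: each device has a profile of what it is intended to talk to, off-profile traffic adds to a risk score, and a device is quarantined once its score crosses a threshold. A fixed allow-list stands in for a learned UEBA baseline, and all device names, hosts, weights and flow records are constructed assumptions.

```python
from collections import defaultdict

# Intended purpose per device: the (destination, port) pairs it is expected to use.
# All names below are hypothetical.
PROFILES = {
    "camera-01": {("nvr.internal", 554)},
    "printer-02": {("print.internal", 631)},
    "hr-laptop-07": {("hr-app.internal", 443), ("mail.internal", 993)},
}

# Assumed risk points per anomaly type and the score that triggers quarantine.
WEIGHTS = {"unknown_device": 50, "off_profile_dest": 30, "off_profile_port": 15}
QUARANTINE_AT = 60

# Constructed sample flow records: (source device, destination, port).
FLOWS = [
    ("camera-01", "nvr.internal", 554),
    ("printer-02", "print.internal", 631),
    ("printer-02", "accounting-db.internal", 1433),
    ("printer-02", "accounting-db.internal", 1433),
    ("hr-laptop-07", "hr-app.internal", 443),
    ("hr-laptop-07", "accounting-db.internal", 443),
    ("vending-09", "203.0.113.10", 8080),
]

def classify(device, dest, port):
    """Return the anomaly type for one flow, or None if it matches the profile."""
    profile = PROFILES.get(device)
    if profile is None:
        return "unknown_device"      # device was never profiled
    if (dest, port) in profile:
        return None                  # expected behaviour
    if dest in {d for d, _ in profile}:
        return "off_profile_port"    # known peer, unexpected service
    return "off_profile_dest"        # talking to something outside its purpose

def assess(flows):
    """Accumulate risk per device and list the devices to quarantine."""
    scores, findings = defaultdict(int), defaultdict(list)
    for device, dest, port in flows:
        anomaly = classify(device, dest, port)
        if anomaly:
            scores[device] += WEIGHTS[anomaly]
            findings[device].append((anomaly, dest, port))
    quarantine = sorted(d for d, s in scores.items() if s >= QUARANTINE_AT)
    return dict(scores), dict(findings), quarantine

if __name__ == "__main__":
    scores, findings, quarantine = assess(FLOWS)
    for device in sorted(scores):
        action = "QUARANTINE" if device in quarantine else "alert"
        print(f"{device}: score={scores[device]} action={action} {findings[device]}")
```

With the sample flows, the printer that twice reaches the accounting database crosses the threshold and is quarantined, while the HR laptop and the unprofiled vending machine raise alerts below it.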
Network visibility is critical
As you can see, cybersecurity is more than just blocking what your organization’s employees and staff can access on the Internet.
Beyond that, it’s critical that you have complete visibility of your data network at all times. When it’s threatened — especially from the inside — you must be able to detect the problem and remediate it immediately. Even if an attack is only quarantined to start, you can prevent it from affecting other computers or stealing more data.
VectorUSA can provide you a complete cybersecurity risk assessment to determine any anomalies that reside within your data network. With the right integrated IT solutions and behavior analytics, you’ll be that much more prepared to stop and remediate any threats that pose a danger to your network data.