With the new year underway, this is a great time to review your overall security posture.
As I have stressed in past blogs and security roadshow presentations, it is important to evaluate and validate your current security components:
- Identity critical data assets.
- Identity the risks to your critical data assets: in what ways can they compromised, and what will the repercussions be if they are compromised?
- Compile a list of security technologies and processes that will effectively mitigate risks to critical data assets: E.g. web security, email security, internet edge security, endpoint security, identity services, cloud security, network security, patch management, written security policy, written breach remediation plan.
- Identity and evaluate current controls: Current security components, and how effective they are at mitigating risk to your critical data assets.
- Consider retiring or replacing obsolete, out of support, or ineffective security controls. Consider adding products that map to the security technologies identified. Write or revise your written security policy and breach remediation plan.
- Prioritize security purchases to mitigate the largest risks first. Balance need with budget.
If you need help evaluating your overall security posture, Network Solutions is here to help you make good decisions.
When was the last time you changed account passwords across the board? Not just user accounts, but also administrator, service accounts, and local appliance accounts. You may be surprised to find that some critical accounts have had the same password for years! How many employees that no longer work for you know these passwords? It’s new year! Make a plan to change old passwords, and while you are at it, evaluate the complexity of those passwords.
Do you have a method for enforcing patch management? Operating system and application vulnerabilities can often be exploited to provide a method for cybercriminals to access, steal, or corrupt data or to even gain remote access to your network infrastructure. Keeping your operating systems and applications patched is an effective way to mitigate these risks.
How do users access your network Infrastructure, and with what types of devices? What about BYOD and IoT devices? Do you trust that the manufacturer of these devices keep up on security patches? Compromised devices can be used by cybercriminals to facilitate an attack from within your network. An effective access control solution provides granular control of connectivity to your infrastructure via wired, wireless, or VPN. Access control goes beyond just requiring username and password to allow connectivity, and can enforce several additional requirements. As well, access control can provide granular control to what authenticated users are permitted access on your network. Finally, access control can keep a detailed log of access activity.
Do you require multi-factor authentication to connect to network infrastructure or to use certain applications? Requiring MFA wherever possible can significantly reduce the risk of unwanted authentication, and can often be used in conjunction with an access control solution for even higher risk mitigation efficacy.
Contact your Network Solutions account manager for additional information on access control and MFA.
On my next blog posting, we will discuss the features of Cisco Umbrella and Secure Internet Gateway.