RSS feed Get our RSS feed

News by Topic

BizReport : Internet : June 01, 2021

Brands: How to improve security through network clean up

While all businesses should have a clear view into exactly what devices and even content are running within their network, the simple fact is that many do not. However, one expert believes taking a full inventory of devices like laptops, printers, and even third-party devices with so-called privileged access can beef up security. Here's how.

by Kristina Knight

First, inventory gives brands a baseline

"In the case of 3rd party access, develop a complete inventory of 3rd party network integrations and the corresponding vendors and internal business stakeholders, along with the method of integration (e.g. VPN). Eliminate no longer relevant integrations, limit access to the true business need, and even consider migrating from legacy remote access methods like traditional VPN solutions to a modern brokered SASE/ZTNA solution," said Curtis Simpson, CISO, Armis. "This is only the beginning to building valuable inventory. The next step is to establish or update the baseline in regards to how assets intercommunicate with one another and, wherever possible, identify assets that directly enable or support business critical capabilities and services. Couple this collection of information with an understanding of high risk connected assets and enterprises will be armed to make decisions on how to proceed with asset decommissioning or replacement, risk and vulnerability remediation, or network optimization efforts."

Second, continue to asses connected devices regularly

"An important but often overlooked effort associated with cleanup involves "thinking like a bad actor" and using tooling that is readily available to both sides to understand what company assets are accessible and potentially exploitable over the Internet. Regularly use open information sources to quickly identify assets that have been made inappropriately accessible by unauthorized parties over the Internet and to what extent they may be vulnerable to cyberattacks. Using practical solutions like Shodan on a regular basis can truly help minimize the potential for networks and assets being disrupted by unauthorized parties," said Simpson.

Third, provide regular network patches to the infrastructure

"Many recent and highly impactful attacks executed against enterprises of various sizes have involved the exploitation of actual network devices, such that bad actors can bypass and disrupt network controls and networks overall. If a bad actor is able to compromise the actual network backplane, the true significance and the cost to the organization will drastically outweigh the risk associated with updating network equipment. It's no longer about whether or not we update network devices -- it's about how regularly such actions can be taken and how they can be tested and optimized in protection of operations. The old saying "an ounce of prevention is worth a pound of cure" very much applies here," said Simpson.

Tags: Armis, digital security, network device security, network device trends, SMB tips, SMB trends

Subscribe to BizReport



Copyright © 1999- BizReport. All rights reserved.
Republication or redistribution of BizReport content is expressly prohibited without the prior written consent.
BizReport shall not be liable for any errors in the content, or for any actions taken in reliance thereon.