
Mitigate Risk and Raise Your Network Security Bar

The Best Attack

By Ray Bryant, CEO, Idappcom

Once considered the remit of the corporate boardroom, technology has not just broken down barriers, but obliterated them. Ray Bryant shares his tips and techniques for survival in the adapting threat landscape.

Today, practically every home has a PC, and people are willing to use their own device to connect to the office. Corporate-owned devices are all networked and even offer the ability to connect to networks outside the organisation itself. However, while this connectivity is viewed as a business enabler, it’s also a poisoned chalice. Hackers are able to compromise legitimate access points and storm corporate networks. Another attack vector is to embed malicious code into websites and infect unsuspecting visitors.

This threatening climate means that organisations must defend their IT platform or risk falling foul of legislation. To do this they need to raise the security bar at the points where traffic enters and leaves the network.

The threat landscape

Attacks always have some nefarious purpose at their heart – to access money or information, to bring down systems, or even to extract money through the threat to bring them down. This is easily translated into risk with associated potential cost. There are hundreds of dramatic real-life instances that can be quoted to back up the assumptions, and many of these are very topical in the popular news, so there is plenty of understanding of the issues.

The IT Manager has to present these risks to management in business terms, as a strategy for enhanced security. It is no longer acceptable to present technical, jargon-loaded justification. Management understand risk, investment and return – not fear, uncertainty and doubt.

The Case for the Defence

Whether purchasing security equipment for the first time, or looking for sustainable improvements in existing defences, there is a ‘must have’ case for using tools to ensure that your equipment is working to the maximum mitigation potential. To make a solid business case, the IT Manager must show that the purchase not only reduces risk, but gives a clear return on the investment.

28 NETCOMMS europe Volume II, Issue 1 2011

If you can translate your need to raise the security bar into a valid business case, Management will allocate resources without question, whilst appreciating the IT department’s move from a cost centre to a valuable business process.

Desktop protection has been with us for years. There are plenty of evaluations published which highlight the fact that each package has its merits, but what they don’t always say is that the most sophisticated need configuration to balance mitigation with speed. Do not assume, as with any security device, that out of the box gives maximum protection.

Presenting the evidence

Good intrusion detection/prevention systems work with firewall technology at network entry-points to analyse the risk of a given data stream at the time it arrives at the network. The devices need regular updating for code, signatures and configuration. To do this you need expertise and the best tools available.

The responsibility to control what is leaving your network is also very important - not just whether your data is ‘leaking’ from the system, but if malicious traffic is able to be sent out from your network that will infect others and potentially create a claim against your company.

A new risk element has been created by the reliance on IT to manage our business data and do business with other companies across the globe. This has been expedited by the rapid development of the Internet - cyber attacks can now be considered more likely to happen than incidents such as fire and flood.

We must start raising the effectiveness of the IDS/IPS/firewall platform itself. IT Management has the opportunity to raise its own bar by presenting good practice to the CEO. This means translating the Security Risk into Business Risk and proper use of scarce budget resources into a ROI created by making better use of what they have.

The audit must identify malicious code that is not mitigated under test, provide information to ‘tune’ the configuration, and enhance the signatures/rules that are applied to fix the issue. The tuning process will take account of the corresponding, acceptable level of performance, namely the throughput. This audit and test of vulnerability has to be individual to your network, your equipment and your Management’s risk appetite.

The traffic library

It is essential to have a constantly updated library of traffic files that record real live exploits attacking

There is no such thing as a perfectly secure structure. However, ensuring that each stage of inspection is working at its optimum level is a great start. There are many ways that security can be enhanced:

• Keep desktop protection up to date.

• Train personnel to be security conscious.

• Patch every device connecting to the network to ensure that weaknesses in applications cannot be exploited.

• Make sure that your perimeter defences are always operating at the highest level, and that data entering the desktop is checked to prevent malicious code being launched by the user.

• It is far better to stop the attack at the network entry point than to look for where it may finish up.
