Virtualization Technology News and Information
Article
RSS
Protecting your network: How to shrink cyber attacks

As business owners continue to focus on sustaining their operations, unfortunately, they might ignore the rising risk of devastating cyber attacks during the current pandemic.

It's important for companies to protect their networks, and owners can take immediate steps to harden their interconnected and networked systems. Doing so can reduce the entry points for attacks and make companies a tougher target for hackers.

Where are businesses vulnerable?

Many business owners believe cyber attacks start at their network or server. In reality, hackers exploit other entry points that lack the same hardening you use for your network: merchant services, point of sale (POS) systems and physical security systems, for example.

These ancillary systems should be included in part of your typical security review process. As a first step, firmware should be updated and default passwords changed. To harden security for your ancillary systems and other potential entry points, review your security policies and procedures in these key areas: 

System Architecture

As a precaution, your ancillary physical security systems should be securely architected to have a low-risk connection to the internet to prevent hackers from entering your network in the first place. Security systems with multiple components like cameras or other access points need to be programmatically managed, with an understanding of how components fit together.

Review your system architecture and limit the number of connections hackers could exploit. Secure wireless devices connected to your network, such as cameras, locks, printers and modems, to prevent unauthorized access that could compromise your physical security servers. Manage all connections that support remote access, and use logical separations like virtual local area networks (VLANs) and access control lists (ACLs) to limit access to authorized devices.

Endpoint Connections

Endpoint connections include devices like cameras, badge readers, control panels, security-related servers and video recorders. These all pose security risks if not properly hardened.

Port security prevents hackers from tapping into a network cable or exploiting an open USB port to gain unauthorized access. Use hard-coded MAC addresses to prevent unauthorized device access. Since MAC addresses are difficult to change, it adds an extra layer of protection and confidence to your security.

Passwords

All devices come installed with a manufacturer-provided default password. While useful during setup, these passwords are common knowledge for hackers and are the first ones they'll try when initiating a cyber attack.

After setting up the device on your network, change the password. Choose a long password, as length is a major factor in password security. Also, establish a password management policy with information on who manages passwords and include a timeline for periodic password changes. When a login attempt fails by either incorrect username or password entry, lock out the user and investigate.

Privileges

A common mistake is granting full access privileges to every user on a company's network. If any user is compromised, a hacker would gain access to all network systems.

Create user groups based on needed access, like administrators, operators and users, and casual users and visitors. Assign each group the minimum privileges necessary for their functions. Take special precautions for higher authority accounts - for example, do not allow VPN access for sensitive information or admin functions. In your security procedures, create a timeline for reviewing and adjusting granted rights and privileges.

Software Updates

Hackers often exploit outdated software to gain entry to systems. Software updates typically include patches for known security vulnerabilities, which are required for system hardening.

Designate a user who will manage consistent software updates, and include device firmware in the update procedure. Solutions exist to automate the software updating process with automated authenticity verification safeguards.

Automated Cyber-Event Detection

Cyber attack prevention takes diligence, but companies struggle to find and keep cybersecurity talent. For many issues, however, automated system verification tools offer a powerful alternative to humans.

Automated tools can consistently check systems and alert you to many security-related issues. They can verify firmware and software updates and check the integrity of endpoint solutions like video streams and stored files. These tools provide an always-on eye to ensure your network security.

As you plan your network security, evaluate your specific business needs to prioritize which step to begin with and what components you need to protect yourself. In the face of increasing cyber attacks, harden your network security and prevent a potentially devastating attack on your business.

##

About the Author

Andrew Gibson 

Andrew Gibson is a Solutions Engineering Consultant at STANLEY Security, a provider of integrated security solutions defining the future of the security industry. Gibson has more than a decade of experience working in the security space with a background in a variety of areas including physical security, IT infrastructure, IT operations and project management. In his role with STANLEY Security, Gibson works to design and implement SaaS-based security solutions that protect customers from a variety of security threats. Acting as an IT and technical liaison for SaaS solutions and implementations, Gibson helps customers successfully navigate the convergence of IT and physical security environments.
Published Thursday, June 11, 2020 7:27 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
top25
Calendar
<June 2020>
SuMoTuWeThFrSa
31123456
78910111213
14151617181920
21222324252627
2829301234
567891011