Contact
Tag

iot

Jul 30

Twenty Things For Ransomware Protection

By Network Security No Comments

We are at an especially vulnerable moment in our transition to a digital economy. As mentioned in the last blog, Australia government has an announcement on cybersecurity issues recently happened. It points out an interesting point that the biggest problem is the human factor, especially when it comes to ransomware. It becomes very critical that each organization needs to take steps to protect the network or network attached elements.

While each corporation has its own network environment, without talking about too much details, here are 20 things from Fortinet experts that any organisation can begin to implement today to reduce their risk from ransomware and other advanced threats.

1.   Wherever possible, patch and update operating systems, devices, and software. Make this a priority for your remote workers – especially those using personal devices to connect to the corporate network.
2.   For devices that can’t be patched, ensure that appropriate proximity controls and alerts are in place.
3.   Make sure that all endpoint devices have advanced security installed, such as anti-exploit and EDR solutions.
Update
Access
4.   Also make sure that access controls, such as multifactor authentication and even Network Access Control solutions are in place
5.   Use NAC to inspect and block bring-your-own-devices that do not meet security policy
6.   Segment your network into security zones to prevent the spread of infection and tie access controls to dynamic segmentation.

7.   Use inventory tools and IOC lists to prioritize which of your assets are at the most risk.

8.   Update your network IPS signatures, as well as device antivirus and anti-malware tools.
9.   Back-up systems and then store those backups offline – along with any devices and software you may need in the event of a network recovery.
10.   Make sure that ransomware recovery is part of your BCDR, Identify your recovery team, run drills, and pre-assign responsibilities so systems can be restored quickly in the event of a successful breach.
11.   Update your email and web security gateways to check and filter out email attachments, websites, and files for malware.
Ransomeware
virus
12.   Make sure that CDR (content disarm and recovery) solutions are in place to deactivate malicious attachments.
13.   Use a sandbox to discover, execute, and analyze new or unrecognized files, documents, or programs in a safe environment.
14.   Block advertisements and social media sites that have no business relevance
15.   Use zero-trust network access that includes virus assessments so users can’t infect business-critical applications, data, or services
16.   Use application whitelisting to prevent unauthorized applications from being downloaded or run.
17.   Prevent unauthorized SaaS applications with a CASB solution.
18.   Use forensic analysis tools to identify where an infection came from, how long it has been in your environment, ensure you have removed all of it from every device, and ensure it doesn’t come back
19.   Plan around the weakest link in your security system – the people who use your devices and applications. Training is essential but limited. Proper tools, such as secure email gateways, for example, can eliminate most if not all phishing emails and malicious attachments.
20.   Leverage people, technology, and processes to quickly gather threat intelligence about active attacks on your networks and act on it, using automation where possible. This is crucial to stopping an advanced attack in its tracks.

Make your network intelligent against threats with Sprint Networks. We aim to secure Australian businesses and institutions from all malicious activities that can take advantage of network vulnerabilities.

Contact Us now for an industry-leading security solution.

Contact Us

If you have questions, please drop us an e-mail at info@sprintnetworks.com

Jul 23

Implementation Of Network Access Control

By Network Security No Comments

The current perimeter solution could bring a lot of value to your organisation by defending threats and attacks at the perimeter. However, with todays sophistication of attackers, systems tend to be cracked from the internal network. Hence, a Network Access Control (NAC) tool can be useful inorder to connect the end users with the right authentication. It can be tempting to purchase a off the shelf NAC product and install it on your hardware. This could be catastropic to your network security as the solution is not catered to your network as well as its intended use. Implementing an appropriate NAC will save the organisation the trouble of spending valuable time and money in recovering and detection of threats by taking the steps necessary to plug any vaunarabilities in the network. This article aims to give a step by step guideline to any network security professional to design and plan an entire NAC solution.

Steps to Implement a NAC Solution

1. Survey your network

It is recommended to perform a survey of all the endpoints within your network. That should include, but not limited to, all your server, network devices, user PCs, and piece of equipment that has a leg into your network and is able to access your digital resources. Without this kind of information, NAC would struggle to protect the entire organization, and the system admins will need to spend lots of their time and energy to implement and troubleshoot. 

2. User Identities

It is a must to have a solid plan about how you will manage user credentials and identities within the organisation. You internal directory system should be able to verify user identities. All users should be manageable and have their account information details. After setting up all the account details and understanding the role of each user, then, you can move to the next step to determine how the permission or roles be allocated.

User Identity

3. Designing policies

Creating permission policies by using Principle of Least Privilage (PoLP) rules. It means you should only grant access at the mandatory level required for the individual users to perform their daily duties. This is one of the most critical steps as you do not want to open your systems up to attack through small security gaps that you are not even aware of. Having all teams together and making a concrete structure in which everyone would be able to access the network securely.

4. Apply Permissions

Once the permissions determined, you can have the permission policies ready by integrating your existing directory system or importing your permission policies directly. All valid users will be registered to the NAC system, and all activities can be recorded and tracked. Illegitimate access will be blocked at the edge of your network.

Permission

5. Maintaining policies

Managing network access controls is not a one-off activity. As there would be staff and network changes constantly, network admin must constantly monitor security operations and adjust policies based on business requirements and network evolvement.

How to choose a Network Access Control solution

As discussed earlier, today’s NAC products aim to cover a wide range of use cases to boost the overall security of your enterprise. That can make it challenging to find the right solution for your company, especially if you don’t know what your internal security weaknesses are.

control System

Make your network intelligent against threats with Sprint Networks. We aim to secure Australian businesses and institutions from all malicious activities that can take advantage of network vulnerabilities.

Contact Us now for a industry-leading NAC solution.

Contact Us

If you have questions, please drop us an e-mail at info@sprintnetworks.com

Jul 21

Network Access Control

By Network Security No Comments

What is NAC?

Given the current businesses reliance on tech on a daily basis, many organisations feel the need like to tackle the cyber issue from various angles. Traditional ways are to procure a simple antivirus solution, perimeter firewalls, and use a separate system for managing access permissions. However, with the heavily use of Wi-Fi and mobile devices, the trend has shifted to embrace the NAC, Network Access Control.

What is Network Access Control, NAC?

Network Access Control is the act of keeping unauthorized users and devices out of a private network. Organisations that give certain devices or users from outside of the organization occasional access to the network can use network access control to ensure that these devices meet corporate security compliance regulations.

NAC solutions are designed to help network admin to boost the overall security level for internal users. That would guarantee the right person would get the right permissions with right authentication methods.

What are common use cases for network access control?

If an organization is under any of the following circumstances, they need to think cautiously about network access control to secure the enterprise network:

  • Bring Your Own Device (BYOD):

    • Any organization that allows employees to use their own devices to connect to the corporate network or take the corporate devices home should think about when those devices connect back to the company sensitive network. Each device could be or create a vulnerability that which will encourage the cyber criminal to bypass the traditional security controls.

  • Network access for non-employees:

    • Some organizations need to grant access to people or devices that are outside of the organization with many reasons, like conferences, contractors or visitors. But, those access with different purposes should not be subject to the same security controls. Especially for contractors, they might need the access to the corporate network from time to time, and you will not want to grant the same level of access which you employees have for a short time project. That should be under the monitor and with proper level of authentication.

  • Network access without Port Security:

    • Traditional network access will require the end users to connect to the floor switched to gain the access to the network. But, some of the access are not under port security policies. That means anyone can access the network when they plug into the same port without necessary authentication to fake the employee permissions. For those ports which are exposed and hard to manage as constant changes happened, it is necessary to use NAC to grant the right authorization to the person no matter where they connect.

  • IoT devices:

    • The Internet of Things, as known as IoT, has given rise to a proliferation of devices that may fly under the radar of traditional security controls. They could locate outside of your physical buildings, but they still be able to connect to your network through some forms of transmission media. As a non-standardized industry, Cyber criminals can easily exploit these overlooked devices to find their own ways into your network without getting any kinds of permissions. Network access controls plays a important role in your edge security.

    Make your network intelligent against threats with Sprint Networks. We aim to secure Australian businesses and institutions from all malicious activities that can take advantage of network vulnerabilities.

    If you think you are at risk!

    Contact Us

    If you have questions, please drop us an e-mail at info@sprintnetworks.com