[metaslider id=2951] … Read More
Archives for November 2014
Why you need Network Access Control?
In discussions with organizations about security initiatives that they are planning over the next 12 months, I am surprised that very few say they plan to purchase and implement Network Access Control. This is a solution that comes very low on the totem pole, and in fact, if discussing with some sys admins, it is more a cause of frustration than deemed a valuable asset, or essential tool for security. One of the key features of a NAC is providing a snapshot of all assets – both trusted and untrusted – within a network, providing a visual representation of what an organization must protect, because you cannot protect what you don’t know you have.
A Network Access Control product provides immense benefit, and the return on investment is almost immediate.
Looking at one of the most referenced documents when it comes to security – the Critical Security Controls, a NAC provides the easy wins for a number of controls, including asset inventory, continuous vulnerability assessment, and malware defenses. In addition NACs provide visibility into your network, the ability to enforce policies at a granular level and protection against Advance Persistent Threats and malware.
Looking at the Critical Security Controls and how the NetBeat NAC can facilitate:
Item One: Inventory of authorize and unauthorized devices:
Maintain an asset inventory of all systems connected to the network and the network devices themselves, recording at least the network addresses, machine name(s), purpose of each system, an asset owner responsible for each device, and the department associated with each device.
The diagram below provides a snapshot that is provided by the NetBeat NAC, from the diagram you can see the IP address, the time it was first detected, MAC Address, and operating system including service packs and the manufacturer.
Item 4 – Continuous Vulnerability Assessment and Remediation
Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.
Run automated vulnerability scanning tools against all systems on the network on a weekly or more frequent basis and deliver prioritized lists of the most critical vulnerabilities to each responsible system administrator along with risk scores that compare the effectiveness of system administrators and departments in reducing risk.
The NetBeat NAC vulnerability scanner helps you identify the most urgent patches needed to harden your network against attack. After you run scans, detailed reports alert you if an attached device has a problem, or you can simply block an asset if it fails a vulnerability scan. These are very helpful in complying with requirements mandated by HIPAA/HITECH, PCI, GLBA, and other security standards.
Item 5 – Control Malware
Control the installation, spread, and execution of malicious code at multiple points in the enterprise, while optimizing the use of automation to enable rapid updating of defense, data gathering, and corrective action.
As you can see from the image above, the risk profiler will provide immediate notification of a threat, in addition to blocking traffic to C&C (command and control), and in essence stopping exfiltration of data.
The NetBeat NAC scans for real-time malware traffic back to known malware sites. The database is synchronized multiple times a day to protect networks against zero-day threats. Because it can be integrated with the blocking engine, threats can be blocked within 10 milliseconds of detection versus just receiving an alert
Another benefit includes better BYOD control, without having to install additional software on mobile devices as well as segregating guests to their own VLAN.
For more information on how a NAC can supplement your existing security solutions, contact us.
Data Breach Report:
Data Breach Report: 18.5 Million Californians’ Personal Data At Risk
Report demonstrates the majority of health data breaches in California were due to stolen hardware.
From Health IT Outcomes – Christine Kern
According to a press release, Attorney General Kamala D. Harris has released the second annual report detailing the 167 data breaches reported to the Attorney General’s office in 2013. The report reveals the 167 breaches placed the personal data of an estimated 18.5 million Californians at risk. As part of the report, the Attorney General also released a number of recommendations on breach prevention and data protection in the future.
“Data breaches pose a serious threat to the privacy, finances and personal security of California consumers,” Harris said in the statement. “The fight against these kind of cybercrimes requires the use of innovative strategies by government and the private sector to protect our state’s consumers and businesses. I strongly encourage more use of encryption to significantly reduce the risk of data breaches.”
The report recommends healthcare providers should use strong encryption to protect medical information on laptops and on other portable devices, and consider encryption for desktop computers.
For information on how Encryption can assist, or to find an evaluation please contact us.