With so much network infrastructure to look after, today’s IT professionals are pulled in every direction. Keeping servers running, maintaining software and ensuring that employees can simply do their jobs without disruption are the key requirements that come under the heading of “IT infrastructure management”.
Securing IT Infrastructure
Everyday operational support for IT infrastructure is only part of the picture. At the heart of infrastructure management sits security. Keeping data traffic flowing and ensuring only authorised users can gain access to sensitive documents means investment in a whole range of security solutions.
A Multidimensional Problem
Network users are commonly the source of data breaches in networked organisations as they represent easy targets for hackers. Security technologies, monitoring and event management solutions, security assessments and user training are all equally important in maintaining a strong infrastructure security position.
Data leakage can arise from human error as much as it can from a targeted attack. To prevent data leakage, firms can narrow down the risk by discovering and categorising their data according to its sensitivity, identifying what risks exist at the user level – and mitigating them – and ensuring that any data shared outside the organisation is encrypted.
Managing Your DLP Measures
Data leakage may be a problem across your whole infrastructure estate, so you should take steps to eliminate the risks everywhere they exist. Risk areas include hardware, applications, endpoints, gateways, on premise and cloud – and of course your network users, who should be trained in the steps they should take to minimise data leakage risk. The solution you use must include simple yet richly featured capabilities for managing policies across the organisation.
It's not if your network is attacked, but when. The constant onslaught of hacks and attacks targeted at out-of-date software raises the importance of putting a comprehensive patching policy in place beyond critical. It needs to address not just Microsoft applications but all your other software and systems running across your organisation.
The Importance of Patching Policy
Every organisation needs a ‘patch policy’ to ensure that software is kept updated. It’s highly advisable to invest in a patch management solution to help manage the sheer volume of patches, to keep track of what software version is on which machine so that the right machines and software are updated at the right time – and can be rolled back if necessary.
SIEM (Security Information and Event Management) software is important for organisations that maintain large databases of confidential information such as customer personal data, patient records or financial statistics. It allows network managers to bring data together from applications, databases, or infrastructure and create an actionable picture of potential threat sources.
Complete Operational Infrastructure Visibility
Armed with a SIEM platform to collect, analyse, and monitor the data generated by disparate business systems such as end-user devices, servers, network equipment, firewalls, antivirus and intrusion prevention systems, IT managers can have complete operational visibility and event insights. LogPoint provides all of this via a single management console for compliance, security, monitoring and insights.
This buyer’s guide is intended to outline best practice when procuring penetration testing to ensure you have enough knowledge about what to look for in a potential pen test provider, along with a set of questions you can ask to help you make an informed decision.
Insider threats are a major source of data breaches. Without the visibility to see who is doing what on the network – whether deliberately or by accident – IT administrators cannot hope to control these threats. UEBA technology delivers detailed insights and analytics on network user behaviour to network and security administrators so they can detect the tell-tale signs of an impending breach.
User Analytics for Actionable Intelligence
User and entity behavioural analytics alone are not enough to prevent a data breach, which is why the best UEBA solutions enable complete monitoring and analysis of software and system usage by employees to deliver actionable intelligence based on impact scores. Impact scores allow security teams to prioritise the action they take based on usage anomalies as well as the sensitivity of the information that is potentially at risk.
“Cybersecurity is not an issue I need to worry about — we’ve got an expert IT that takes care of all that kind of thing”. Too many employees think like this, and hackers are fully aware of it. They target human weaknesses to achieve their goals. So it is important to train and assess employees regularly on best practice behaviours which will keep their — and the organisation’s — data secure.
Helping Network Users Secure Themselves — and the Organisation
While training can go far in protecting unwitting network users against hacking susceptibility, they may still be duped into giving away passwords and other sensitive information. This is why enforcing certain security policies at critical points, such as logon to the corporate network, access to the internet and web-based applications and for email access can play a major role in the organisation’s security stance.
Visibility and Access
Controlling access to your network is difficult when you know what devices are trying to connect. If you don’t know which people are using what device to connect to the network, your “attack surface” is increased significantly, so you need a complex and intelligent solution to detect and then allow or block these devices. This visibility is needed in real time, so you don’t block genuine and authorised devices.
Balancing Device Visibility with Network Access Control
Nothing less than 100% visibility of devices is good enough. But then you need to control access to the network on an ongoing basis for those devices. This needs to be done in such a way that it doesn’t create a delay in access for the ‘good’ devices and users, and that it doesn’t create a massive new overhead for IT staff. Key to this is the use of ‘agentless’ technology.
#3 Connectivity and Support at Home
Working from home is now an everyday reality for many of our customers and network issues can be a challenge.
As schools have now closed and other businesses have also sent people home, many home workers are struggling with ensuring they can run their real-time work apps such as Voice and Video conferencing without interference from other people, who are also working from home or using other online content.
A Hacker's Guide to Remote Working
Remote working for a hacker is brilliant, and not in the sense that they can work from home in a dark room wearing a hoodie, but because remote working means that a business is intentionally giving a path into the internal network that could potentially be accessed by anyone on the internet. This blog post covers some of the things that we have encountered across the team over the years.
#2 Your Cyber Security
If you are allowing devices to connect from people’s houses – it's possible that these networks have already been compromised by hackers or will be in the future. Implementing two-factor authentication, where another device like a mobile phone is used for extra security, is the most important security measure that can be applied to systems.
#1 Your Telephony
As the Covid-19 situation looks set to escalate, there's a lot to think about to keep your business running. Last week we shared the Top 10 areas we've focused on to ensure our own business continuity.
From today, we'll be going into these in more detail, setting out what we've learnt and offering specific guidance and support. Let's start with telephony.
About six months ago, with the slow death rattles of the exquisite Empire C2 drawing near, not going to lie I'm still in mourning – that and python2, I was on the hunt for a new platform to sink my teeth into. While playing around with various frameworks on offer such as SilentTrinity, Faction, Merlin (all of which have their positives), I started looking at Cobbr's Covenant framework....