Halloween may be over, but with all the security dangers lurking across the Internet, it’s really Halloween 24/7 on the web. It seems like nowadays, all we read about on the web are security breaches and cyber attacks. Here are five tips to help you protect and secure your enterprise networks in this creepy digital world.
1. Ensure devices and systems are properly configured.
According to Gartner, 95 percent of firewall breaches are due to firewall misconfiguration, and not from flaws with the firewall itself. An organization could have the tightest firewall rules and a “locked down” network, but if a router is running an old operating system that has known flaws, then you have a security gap that can be exploited. Therefore, it’s critical to ensure that security devices are properly configured and that the OS and patches are up to date.
2. Break down organizational silos and work with IT and application owner counterparts.
IT security and network operations teams are both responsible for managing, supporting, and securing the increasingly complex network environments. But as the workload increases, each department will begin to focus on their specific responsibilities. Yet the silos expand across other key stakeholders when you start considering business applications. Organizations should consider a cultural change that involves breaking down the invisible walls that typically prevent these teams from effectively communicating with each other, thus improving security without hindering productivity.
3. Integrate security policy monitoring and analysis.
How do you manage or even monitor what you can’t see? What if you have a truly distributed system spanning across a number of data centers? Your firewalls have policies that control applications, user access and how data flows between critical systems. Through it all, the only way to deliver an effective security policy is to have direct visibility into the entire firewall estate. It’s also critical to be able to analyze the firewall rules for consistency, process control and how such changes affect your overall infrastructure.
4. Reduce complexity.
Network complexity increases the difficulty of securing an organization’s network, applications, and information. In addition to the complexity of managing many devices and policies is the challenge that these are all tied to critical business applications. Oftentimes, there is little to no visibility across the organization of the impact of one or the other. For example, if a change to the security policy is made, what is the impact on the business applications? Or vice versa? This isn’t just a security issue but an issue of keeping the business running efficiently, as well.
5. Automate more processes.
Security change management often breaks down due to teams working in silos and manual, time-consuming, and error-prone processes. Automation helps ensure accuracy, reduces risk, and significantly reduces the time to process changes, ultimately allowing IT departments to respond quicker to changing business requirements.
Featured Download: Social media access at work. Do your employees know the rules?
And one final recommendation. In today’s age of stealth malware and targeted attacks, assume you’ve already been hacked and then plan your defense accordingly. With this approach, your security strategy will be a lot more realistic and effective.
By following these tips, you can prevent your organization from becoming the next headlining security breach, or at least minimize the damage an attack may inflict on your network.
By Nimmy Reichenberg, VP of Marketing and Strategy, AlgoSec
About AlgoSec
AlgoSec is the market leader for security policy management, enabling organizations to simplify and automate security operations in evolving data centers and networks. More than 1,000 of the world’s leading organizations, including 15 of the Fortune 50, rely on AlgoSec for faster security provisioning of business applications, streamlined change management, continuous compliance and tighter security.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.