Cybersecurity & Network Security: Best Practices to Protect Your Data

A quick-reference guide to secure your organization's data and reduce cybersecurity attacks
More and more cybersecurity breaches and attacks are making the news. And these are only the events that receive media coverage. In this quick-reference guide, our cybersecurity experts share best practices for protecting your organization's essential data.
TABLE OF CONTENTS:
How to Protect Your Data
How to Reduce Cybersecurity Hacks
The Threat Is Real

The truth is that cybersecurity threats are continuing to evolve, and those responsible for IT are starting to feel the pressure to put secure systems in place and protect their organization's critical data. Gone are the days when businesses and government entities could rely on firewalls alone for protection. And as the world becomes increasingly connected via the cloud and the Internet of Things (IoT), threats can now penetrate businesses and organizations in ways previously unheard of. In addition, internal threats are becoming an increasing concern as security measures to thwart external threats have improved dramatically due to increasingly reliable firewalls.
How to Protect Your Data

Your integrated IT plans and processes are important as you evaluate how to prevent your organization from becoming the next victim of a data breach.
Every industry is vulnerable

A few years ago, Target experienced a massive cybersecurity breach through the company's heating, ventilation, and air conditioning (HVAC) system. Hackers stole login credentials belonging to a company that provides it HVAC services and used that access to gain a foothold on the company's payment systems. And more recently, Marriott fell victim to a major database breach involving its Starwood reservation system, potentially affecting 500 million guests worldwide. While these examples of cybersecurity breaches pertain only to the retail and hotel industries, it's important to remember that every industry is at risk, as well as local, state and federal government.
Focus on internal threats

While highly reliable firewalls are typically relied on as the main line of defense from external threats, research indicates that only 25% of these threats originate from outside an organization. Internal data is what's now more at risk. As businesses become increasingly reliant on cloud-based technology, everything associated with the cloud, including applications, vendors, contractors and a host of connected devices, poses a risk. And if the devices that have credentials to be on your network are compromised (such as an infected email that makes it through your firewall and now becomes an internal issue), the looming question then is: how do you stop that threat and quickly remediate it? For instance, even though you may be relying on your firewall to prevent a data breach in your network via the Internet, what happens if one of your printer IP addresses gets hacked, providing access to your accounting database?
Recognize network abnormalities and create profiles

One of the keys to effective data security is not just responding to the most obvious threats but recognizing all abnormalities on your network so that you can immediately quarantine and remediate any threat. When the A.P. Moller-Maersk (APM) Terminal at the Port of Los Angeles fell victim last year during the global Petya ransomware attack, it shut down for two days at a cost of $140,000 per hour. If the terminal had better cybersecurity analytics through integrated IT solutions, it would have been able to identify the threat and quarantine it immediately.

Even though you may be under the impression that your data is fully protected through firewalls, you need complete network visibility. That means proactively knowing which people and devices on your network have internal access from the outside. The best way to accomplish this is through network access control. This enables you to profile everyone on your network and define how and when they are allowed to access it. If they don't follow your preset parameters correctly, they should be denied access. The same holds true for all of your IoT devices that provide risky exposure to your network, including sensors, cameras, printers and more. Even your vending machines and HVAC system can all have IP addresses as part of IoT, and if hacked, will provide access to your network. Profiling the ports on all of your IoT devices will prevent any malicious internal threats due to improper access attempts.
What you can do now

Following are a few recommendations that will help you secure your data using integrated IT solutions:

1. Profile all of the devices on your network through network access control (NAC).
2. Employ User and Entity Behavior Analytics (UEBA). UEBA essentially provides machine learning baselines that will, for example, prevent someone in your human resources department from accessing your accounting records. UEBA will flag that behavior as an anomaly and shut down their access attempt.
3. Via UEBA, establish a risk assessment for who and what is on your network. By creating risk scores as part of this process, you can establish risk assessment levels; when a level is exceeded, UEBA will quarantine the threat.
4. Carefully define and constantly monitor what your various devices, such as security cameras, are intended for. Should they do anything beyond their expectations, that signals a potential threat to your data network.
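The four recommendations above, sketched as an added example (not code from this guide or from any NAC or UEBA product): each device gets a profile of what it is intended to reach, out-of-profile flows add to a per-device risk score, and a device whose score exceeds a threshold is quarantined. Device names, destination groups, weights, the threshold and the flow records are all constructed assumptions.

```python
from collections import defaultdict

# Hypothetical profiles (steps 1 and 4): the only (destination, port)
# pairs each device is intended to use.
PROFILES = {
    "printer-3f":   {("print-server", 9100), ("print-server", 631)},
    "cam-lobby":    {("video-recorder", 554)},
    "hr-laptop-12": {("hr-app", 443), ("mail", 443)},
}
SENSITIVE = {"accounting-db", "payment-systems"}

# Assumed risk weights and quarantine level (step 3).
UNKNOWN_DEVICE, SENSITIVE_DEST, OFF_PROFILE = 100, 60, 25
QUARANTINE_ABOVE = 80

def score_flow(device, dest, port):
    """Risk points that one observed flow adds for a device (step 2)."""
    allowed = PROFILES.get(device)
    if allowed is None:
        return UNKNOWN_DEVICE          # never profiled by NAC
    if (dest, port) in allowed:
        return 0                       # matches the device's profile
    return SENSITIVE_DEST if dest in SENSITIVE else OFF_PROFILE

def evaluate(flows):
    """Accumulate risk per device; return (scores, quarantined devices)."""
    scores, quarantined = defaultdict(int), set()
    for device, dest, port in flows:
        if device in quarantined:
            continue                   # isolated: later flows are dropped
        scores[device] += score_flow(device, dest, port)
        if scores[device] > QUARANTINE_ABOVE:
            quarantined.add(device)
    return dict(scores), quarantined

# Constructed flow records: (device, destination group, port).
FLOWS = [
    ("printer-3f", "print-server", 9100),
    ("hr-laptop-12", "hr-app", 443),
    ("cam-lobby", "mail", 25),               # camera sending mail
    ("printer-3f", "accounting-db", 1433),   # printer reaching accounting
    ("printer-3f", "accounting-db", 1433),
    ("vending-01", "payment-systems", 443),  # device with no profile
    ("hr-laptop-12", "accounting-db", 1433), # HR reaching accounting
]

if __name__ == "__main__":
    scores, quarantined = evaluate(FLOWS)
    print(scores, sorted(quarantined))
```

A single off-profile flow raises a score without isolating the device; the printer is quarantined only once its repeated accounting-database attempts push it past the level, while the unprofiled device is isolated on first contact.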
Network visibility is critical

As you can see, cybersecurity is more than just blocking what your organization's employees and staff can access on the Internet. Beyond that, it's critical that you have complete visibility of your data network at all times. When it's threatened, especially from the inside, you must be able to detect the problem and remediate it immediately. Even if an attack is only quarantined to start, you can prevent it from affecting other computers or stealing more data.
How to Reduce Cybersecurity Hacks

Whether we want to admit it or not, many of the hackers who infiltrate company and government entity IT networks aren't sitting in some sophisticated command center surrounded by multimillion-dollar technology.
In many cases, it's one individual behind a computer who has been hired by an unknown employer to attack an organization. What's even more disturbing is that the hacker has no scruples about what he or she has done. In his or her mind, he or she got paid well and the act of sabotage was, well, just another job. Faced with untold numbers of similar threats across the globe, it's no wonder that cybersecurity budgets are expanding as never before to address the quest for better network security solutions. In order to stay ahead of malicious attempts to infiltrate your network, you need to proactively manage access to your network.
The NAC solution

Central to any successful cybersecurity plan is network access control, also known as NAC. Essentially, NAC determines who's allowed to access what, when and where pertaining to anything on your IT network. NAC defines everything about who does or does not have access to your network. Within your organization, for example, that means your human resources department only has access to HR data. Or, your marketing team is the only authorized staff to access marketing data or gain access to the company's Facebook account. The same is true for accounting's data, etc. In fact, you can get as granular as you want with NAC. But the more granular you do get, the more secure your organization and data are across all areas. In addition, NAC provides cybersecurity forensics which allow you to drill down much deeper into what a potential internal or external threat is doing, not doing and how they're going about it.
Start with guest access

Before you invest in NAC, make sure guest access to your network is under control. If someone sitting in your lobby waiting for an appointment easily gains access to your network, that's a sure sign that your network is vulnerable. Once your guest access is under control, then look to NAC to ensure that everyone who has authorized access to your network is onboarded with the right profile. After that, you can move on to more advanced cybersecurity tools, which include User and Entity Behavior Analytics (UEBA). Two excellent cybersecurity machine-learned AI solutions include Aruba 360 Secure Fabric, which employs UEBA to monitor and detect gestating attacks with machine-learned intelligence, and Cisco Talos Intelligence Group, one of the world's largest commercial threat intelligence teams that covers ongoing cyber threats to email, networks, cloud, web, endpoints and more.
Strive for immediate quarantine

When using a machine-learned AI solution like these, one of the best IT security intelligence reports you can receive might look something like this: While starting your work day, your security report shows that your firewall prevented eight threats from compromising your network the previous day because your machine-learned AI solution identified the threat, routed it through your UEBA, and sent it to your firewall where it was identified at 2 pm, actually stopped at 2 pm and immediately quarantined. Keep in mind, however, that as helpful as machine-learned AI solutions are, they do come with a steep learning curve. They can also be highly complex to set up. That's why it's best to rely on a capable network security solutions partner who understands your business model, expected cybersecurity outcomes and who can provide you a baseline for your entire cybersecurity strategy.
Hackers keep improving

Once your baseline's established, your network security solutions partner can help you make the necessary adjustments or educate you on how to make the adjustments yourself. The reality is that hackers know all too well what they're doing. And they're only going to get better at what they do. That's why it's imperative that you thoroughly understand the vulnerability of your network's visibility, including which IoT devices are on your network and who has access to your network. The more you can rely on machine-learning AI to alert you about any anomalies in your network, the faster you can react and remediate any damage. The very life of your organization depends on it.
Contact us today for a complete cybersecurity risk assessment to find any anomalies that reside within your data network. With the right integrated IT solutions and behavior analytics, you'll be that much more prepared to stop and remediate any threats that pose a danger to your network data.

vectorusa.com