Why Do Networks Have Issues?
There are countless reasons that a business or organization develops issues with its network health. But when it comes down to it, three root causes tend to be behind many of the problems we see.
For instance, often the person who is currently administering a network is not the same person who set it up. And it's difficult to know exactly what that person's thought process was as old gear gets mixed in with new and more cloud applications are added, making networks all the more complex and more prone to errors.
Secondly, while we may bemoan the mistakes end users make, they won't stop making them just because we wish upon a star that they get smarter about security. We have to teach them how to be smarter, and that requires end user education while also learning what exactly they require access to and showing them how to manage password complexity and protect themselves against phishing attacks.
Lastly, while it’s important for an organization’s IT department to teach people simple security protocol like locking the screen (Windows key + L), sometimes an organization’s security department will try to take on training that can be more easily accomplished by purchasing phishing training or working with a third party like Productive. If you’ve never run security training for 500 end users, then perhaps now isn’t the best time to try when there are so many threats out there.
So if these are some of the most common reasons networks have issues, what can you do to improve your security posture and keep the above issues from happening to you?
Review Your Firewall
Recently we worked with a client who reviewed all of the old network policies of the firewall they were getting rid of to create a clean template to migrate into for the new set-up. This tends to be an exception and most certainly not the rule as many organizations just layer on new capabilities and permissions without stopping to see which could conflict with one another and weaken their network security posture.
Of course, as we ourselves have been guilty of many times, sometimes one knows that he or she needs to, say, review old Active Directory service accounts and possibly delete them, but Monday can turn into Friday without any changes being made. By staying vigilant regarding changes with end users and enacting a schedule or protocol to review the different policies in place, you will cut down on conflicting policies and outdated permissions. And by running a vulnerability assessment and penetration testing that includes testing compromised machines inside the perimeter, you're taking advantage of an easy way to drastically improve your security posture.
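The firewall policy conflicts described above can be checked mechanically before a migration. The following is an added example, not code from this article or from Productive; it assumes first-match rule evaluation, and the rule names and addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass

ANY = range(0, 65536)  # all destination ports

@dataclass(frozen=True)
class Rule:
    name: str
    action: str   # "allow" or "deny"
    src: str      # source CIDR
    dst: str      # destination CIDR
    ports: range  # destination ports as a half-open range

def covers(a, b):
    """True if every packet that rule b matches is also matched by rule a."""
    net = ipaddress.ip_network
    return (net(b.src).subnet_of(net(a.src))
            and net(b.dst).subnet_of(net(a.dst))
            and a.ports.start <= b.ports.start
            and b.ports.stop <= a.ports.stop)

def audit(rules):
    """Assumes first-match evaluation: a rule fully covered by an earlier
    rule never fires. Partial overlaps are not reported."""
    findings = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, later):
                kind = "redundant" if earlier.action == later.action else "shadowed"
                findings.append((kind, later.name, earlier.name))
                break
    return findings

# Constructed sample policy (names and addresses are illustrative only)
POLICY = [
    Rule("allow-lan-out", "allow", "10.0.0.0/8", "0.0.0.0/0", ANY),
    Rule("deny-guest-to-finance", "deny", "10.20.0.0/16", "10.50.1.0/24", ANY),
    Rule("allow-web", "allow", "0.0.0.0/0", "192.0.2.10/32", range(443, 444)),
    Rule("allow-web-legacy", "allow", "0.0.0.0/0", "192.0.2.10/32", range(443, 444)),
    Rule("deny-telnet", "deny", "0.0.0.0/0", "0.0.0.0/0", range(23, 24)),
]

if __name__ == "__main__":
    for kind, rule, by in audit(POLICY):
        print(f"{kind}: {rule} never takes effect because of {by}")
```

A "shadowed" finding is the one that weakens security: here a deny rule layered on later sits behind a broader allow and never applies.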
Review Your Endpoint Strategy
Another issue we run into endlessly is that an organization will upgrade their endpoint security product to get application control or device control and then never turn those features on. What features do you have turned off right now that could help your security? Are you 100% deployed? Do you have visibility on off-network users? By reviewing and turning on all of your endpoint product's security features, you lower your chance of issues coming up in the future.
Patches, Patches, Patches
Every IT security admin knows that keeping your patches up to date will lower the number of vulnerabilities that ransomware or malware can exploit. And while we're seeing a lot of our clients staying on top of their Microsoft Office patches, the problem remains that Microsoft's software is no longer the most commonly exploited.
Adobe has now earned the dubious honor of “most exploited publisher” as nearly every machine in a network has Adobe Reader installed on it. There's also Java and countless other apps that are becoming increasingly ubiquitous. And if you don't have the latest patches in place, then you have possibly hundreds if not thousands of machines with vulnerabilities that an exploit kit like Nuclear Exploit or ransomware like WannaCry can easily take advantage of to compromise your network security.
So don’t let yourself be any more exposed than you need to be and update your patches on a regular basis.
Review Your Active Directory
Now this tip can cause issues for companies because, as with tips 1 and 2, you might not have been the person who originally set user permissions, or you've had a number of employees come and go over the years. Either way, your Active Directory is likely old and in need of review. And even if it's running on 2012 or even 2016, how many old policies are running that shouldn't be anymore? How many GPOs do you have and how many of them are actually applicable?
It has nothing to do with whether an employee is trusted or not. In fact, sometimes you need to worry more about most-trusted employees because a previous admin may have given them more access than they actually need. And thus, if they are compromised, then an attacker has all the access that the trusted employee does.
Of course, if you have an employee who has been with you for fifteen years, he or she might grow concerned by you removing certain permissions that they’ve just always had. But if they do not require access to the finance server, then do not give them that access because that means you’re giving access to a hacker should that person’s security ever be compromised. When you explain it that way, you make the process go more smoothly as well.
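A permissions review has to look at effective access, because in an old directory a user often reaches a resource through nested groups rather than a direct grant. The following is an added example, not code from this article; the accounts, groups, role baseline and 90-day staleness threshold are all constructed assumptions standing in for a directory export.

```python
from datetime import date

# Constructed sample data; every name below is hypothetical.
NESTING = {  # group -> groups it is itself a member of
    "Sales-Managers": {"Sales", "Legacy-Reports"},
    "Legacy-Reports": {"Finance-Server-RW"},
    "Finance-Server-RW": {"Legacy-Reports"},  # circular nesting does occur
}
ACCOUNTS = {  # account -> (role, direct group memberships, last logon)
    "jdoe": ("sales", {"Sales-Managers", "VPN-Users"}, date(2017, 6, 1)),
    "asmith": ("finance", {"Finance-Server-RW", "VPN-Users"}, date(2017, 6, 2)),
    "svc-backup": ("service", {"Backup-Operators"}, date(2016, 1, 12)),
}
REQUIRED = {  # assumed baseline: what each role actually needs
    "sales": {"Sales", "Sales-Managers", "VPN-Users"},
    "finance": {"Finance-Server-RW", "Legacy-Reports", "VPN-Users"},
    "service": {"Backup-Operators"},
}
STALE_DAYS = 90  # assumed threshold for an unused account

def effective_groups(direct):
    """Expand nested membership; the seen-set guards against cycles."""
    seen, stack = set(), list(direct)
    while stack:
        group = stack.pop()
        if group not in seen:
            seen.add(group)
            stack.extend(NESTING.get(group, ()))
    return seen

def review(today):
    """Report accounts with access beyond their role or with no recent logon."""
    report = {}
    for name, (role, direct, last_logon) in ACCOUNTS.items():
        excess = sorted(effective_groups(direct) - REQUIRED.get(role, set()))
        stale = (today - last_logon).days > STALE_DAYS
        if excess or stale:
            report[name] = {"excess": excess, "stale": stale}
    return report

if __name__ == "__main__":
    for account, finding in review(date(2017, 6, 5)).items():
        print(account, finding)
```

The sales user is never granted the finance server directly; the access arrives through two levels of nesting, which is why a review of direct memberships alone would miss it.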
Third Party Assessment
Now we know you might be thinking, “OK, here comes the sales pitch.” And yes, our last and equally important tip is to have a third party company like Productive come in and analyze where you’re currently strong and where you require improvement. For instance, we’ve helped many companies realize that they were perhaps spending too much on a certain product or didn’t need enterprise-level security for their sixty-person company. It’s about getting a second set of eyes in there to ensure your security is the strongest it can be.
Sometimes an admin will resist getting a third party assessment done as they fear it will reveal all the things that he or she is missing. But perhaps you’ve been campaigning for a next-gen firewall. By calling in experts like ourselves or another third party, you can actually reinforce your argument and demonstrate to your boss or the executive in charge that you’ll actually save money and improve security by going with the product you have been advocating.
So don't fall victim to the many easy-to-fix issues that plague too many organizations. Contact us today to schedule an appointment or speak with one of our security professionals to see how you can improve your security posture.