Computer Transition Services, Inc.

Stick with Security: Segment your network and monitor who’s trying to get in and out

December 20, 2017 / in Blog, Cybersecurity / by CTSI

Used with permission from FTC.gov
by Thomas B. Pahl, Acting Director, FTC Bureau of Consumer Protection

Who’s coming in and what’s going out? Businesses that want to stick with security build commonsense monitoring into their brick-and-mortar operations. Whether it’s a key card reader at the door or a burglar alarm activated at night, careful companies keep an eye on entrances and exits.

Your computer systems deserve the same kind of watchful attention, which is why Start with Security advises you to segment your network and monitor who’s trying to get in and out. Based on FTC cases, closed investigations, and questions posed by businesses, here are examples illustrating the benefits of segmenting your network and monitoring the size and frequency of data transfers.

Segment Your Network.

Network technology gives companies the option to link every computer, laptop, smartphone, and other device together on the same network. Of course, there may be legitimate business reasons why you need some of your data transfers to be seamless. But is there sensitive information on your network that deserves special treatment?

Segmenting your network — for example, having separate areas on your network protected by firewalls configured to reject unnecessary traffic — can reduce the harm if a breach happens. Think of it like water-tight compartments on a ship. Even if one portion sustains damage, water won’t flood another part of the vessel. By segmenting your network, you may be able to minimize the harm of a “leak” by isolating it to a limited part of your system.

Example: A company must maintain records that include confidential client information. By using a firewall to separate the part of its network that contains its corporate website data from the portion that houses confidential client information, the company has segmented its network in a way that could reduce the risk to sensitive data.

Example: A regional retail chain permits unrestricted data connections across its stores — for example, allowing a computer from the store in Tampa to access employee information from the Savannah store. Hackers detect a security lapse in one in-store network and exploit the “open sesame” aspect of the company’s system to gain access to sensitive data on the corporate network. The retail chain could have reduced the impact of the initial security lapse by segmenting the network so that a weakness at one location doesn’t put the entire corporate network at risk.

Example: A large consulting firm segments its network into a sensitive and non-sensitive side. However, the credentials to the sensitive side are accessible from the non-sensitive side. Thus, the firm undermined its efforts at segmentation by making it easier for data thieves to access confidential information.

Monitor Activity on Your Network.

Another key component of network security is monitoring access, uploads, and downloads and responding quickly if something seems amiss. Businesses don’t need to start from scratch. A number of tools are available to warn you about attempts to access your network without authorization and to spot malicious software someone is trying to install on your network. Those same tools can alert you if quantities of data are being transferred out of your system — exfiltrated — in a suspicious way.

Example: A company installs an intrusion detection system to monitor entry onto its network, but it fails to monitor outgoing connections. As a result, a large number of sensitive files are transferred to an unknown foreign IP address. The company could have detected the unauthorized transfer if it had configured its system to flag exfiltration of large amounts of data and routinely monitored any flags.

Example: An up-to-no-good employee decides to steal sensitive customer information. The company has tools in place to detect when confidential data is accessed outside of a normal pattern and to alert the IT staff when large amounts of data are accessed or transferred in an unexpected fashion. Those steps make it easier for the company to catch the data thief in the act — and to protect customers in the process.

Example: A company sets its intrusion detection system to flag exfiltrations of over 1GB of data to foreign IP addresses. The system flags hundreds of false positives per day. Concluding that the false positives are too disruptive, the company simply turns off the alerts. The better practice would be for the company to do further testing and calibration to address the problem of false positives, rather than completely turning off the system.
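The calibration point in the example above can be shown with a short script, added here as an illustration and not taken from the FTC or CTSI. It compares a fixed 1 GB egress alert with a per-host baseline built from each machine's own history. The host names, flow records, internal address ranges, and the `k` and `floor` values are constructed assumptions, and "external" (outside the internal ranges) stands in for "foreign" because geolocation is not modeled.

```python
import ipaddress
from collections import defaultdict
from statistics import median

GB, MB = 1024 ** 3, 1024 ** 2
# Assumed internal ranges; anything else counts as an external destination.
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

def is_external(ip):
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in INTERNAL)

def daily_egress(flows):
    """Sum bytes sent to external destinations per (host, day)."""
    totals = defaultdict(int)
    for day, host, dst, nbytes in flows:
        if is_external(dst):
            totals[(host, day)] += nbytes
    return totals

def fixed_alerts(totals, day, limit=GB):
    """One threshold for every host: the setup that produced the false positives."""
    return sorted(h for (h, d), sent in totals.items() if d == day and sent > limit)

def calibrated_alerts(totals, day, k=6, floor=100 * MB, min_days=3):
    """Flag hosts whose egress exceeds median + k*MAD of their own earlier days."""
    alerts = []
    for (host, d), sent in totals.items():
        if d != day:
            continue
        history = [v for (h, dd), v in totals.items() if h == host and dd < day]
        if len(history) < min_days:
            limit = GB  # too little baseline: fall back to the fixed limit
        else:
            med = median(history)
            mad = median(abs(v - med) for v in history)
            limit = max(floor, med + k * max(mad, 0.05 * med))
        if sent > limit:
            alerts.append(host)
    return sorted(alerts)

# Constructed sample: (day, host, destination, bytes sent) over five days.
FLOWS = []
for day, (bk, ws) in enumerate([(5.0, 20), (5.1, 25), (4.9, 18), (5.0, 22), (5.2, 800)], 1):
    FLOWS.append((day, "backup01", "203.0.113.10", int(bk * GB)))  # routine offsite backup
    FLOWS.append((day, "ws-17", "198.51.100.7", ws * MB))          # day 5 jumps to 800 MB
    FLOWS.append((day, "ws-22", "198.51.100.7", 30 * MB))
FLOWS.append((5, "ws-22", "10.0.0.5", 2 * GB))  # internal transfer, not egress

if __name__ == "__main__":
    totals = daily_egress(FLOWS)
    print("fixed 1 GB rule:", fixed_alerts(totals, 5))
    print("per-host baseline:", calibrated_alerts(totals, 5))
```

On this sample the fixed rule fires on the backup server every day and never on the workstation, while the baseline rule stays quiet for the routine backup and flags the workstation whose outbound volume jumped well above its own norm.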

Example: A company properly configures an intrusion detection tool to alert IT staff of anomalous patterns of activity on its network. During the setup process, the company instructs the tool to send alerts to a designated company email address. The IT professional assigned to monitor that address goes on extended medical leave, and the email address is not monitored during his absence. By failing to ensure prompt monitoring of the alerts, the company has increased the risk that a breach will go undetected for a long period of time.

The lesson for businesses is to make life harder for hackers. Segment your network so that a data “oops” doesn’t necessarily turn into a major “uh-oh.” Use readily accessible tools to monitor who’s entering your system and what’s leaving.
