Breaching the Network

Breaching the Network

All businesses are at risk of a cyberattack

Cyberattacks are one of the greatest threats facing global businesses today. Hardly a day goes by that there isn’t a report of another company suffering at the hands of hackers breaching their networks and stealing sensitive customer or personal data. According to Identify Theft Resource Center (ITRC), there were 783 known data breaches in 2014, an increase of more than 27 percent over 2013. Furthermore, the FBI estimates that more than 1,000 retailers may be under assault from the same or similar malware that attacked Target and The Home Depot a couple of years ago.

Retailers are not the only at-risk sector for data breaches and cyberattacks. The risk is real for all types of public and private organizations. As reported in a recent Forbes article, some of the more recent companies and organizations to feel the pain from these breaches include Neiman Marcus, White Lodging Hotel Management, Affinity Gaming, Community Health Systems, UPS, PF Chang’s, JP Morgan Chase, Sony and even the citizens of New York City to name just a few on the extensive list, proving that these new types of criminals have a wide and non-discriminating reach.

To emphasize just how serious the threat of cyberattacks is becoming, the White House signed an executive order that urges companies to share cybersecurity threat information with one another and the government. Industry trade associations are also joining the fight against cyber crime with the Retail Industry Leaders Association (RILA) Board of Directors recently approving a comprehensive, collaborative and sustainable plan to address the challenges which includes enhancing existing cybersecurity and privacy efforts as well as informing the general public through increased dialogue in order to build and maintain consumer trust.

Emerging Trends

In response to the threats presented by cyber criminals, many organizations are physically separating their IT infrastructure for their networks based on their primary usage to limit exposure.

A prime example is creating a separate network to run physical security applications from the network used for other critical business processes. A physical security only network is typically used to host the company’s security devices such as intrusion detection, video, access control devices and related infrastructure.

Benefits

The benefits of a dedicated security-only network are multi-faceted. Not only does the security only network deliver a higher level of protection but also offers faster speeds, more bandwidth and easier access to the network for loss prevention and security teams while not impacting business critical systems. Deploying a standardized implementation across multiple locations can also provide for a lower cost alternative to traditional networks.

Further benefits to a security-only network include nearly unlimited access to the system for applications such as remote monitoring of video or conducting remote investigations, allowing investigators immediate access to video and supporting data. This not only reduces travel time and associated expenses but also the time it takes to conduct the investigations.

When the security-only network is monitored by a certified third-party provider, added benefits include advanced alerts of potential system failure or attempted breach of the network. The monitoring company can also ensure that the network has the latest network security protocols and anti-virus software at all times.

Who Should Consider a Security-Only Network?

Any type of organization that is looking to provide a safer and more secure physical environment for its employees, guests and assets while maintaining a higher level of security for its business critical operations, is a candidate for a dedicated security only network.

When determining if this type of network is a viable option, it is important to include the company’s internal IT resources in the evaluation and assessment of needs and requirements including security.

Selecting a Third-Party Provider

When considering a third-party provider for security only networks, traditional IT companies that design and implement standard networks may not be your best option. Selecting a company that has the proper certifications for designing networks as well as deep industry knowledge of the security devices running on the network and how they need to work together will greatly enhance the overall end result.

Certifications, such as Cisco Cloud and Managed Services Express Partner Certification, Meraki Certified, Sonicwall Certified and security product specific certifications will ensure successful system integration. Cisco Cloud and Managed Services Express Partner certification recognizes companies who have attained the expertise in the planning, designing, implementing and supporting of cloud or managed services based on Cisco platforms.

Steps to Consider When Designing a Security-Only Network

One of the first steps is to identify the circuit requirements for the security only network. Understanding what type of applications are going to be running on the network and how much bandwidth and speed is necessary to support the applications is key. Security only networks are often based on commodity broadband, so it is important to ensure that the carrier can deliver reliable service and speed at any given location.

It can be a challenging task trying to determine which carrier provides the best and most cost-effective solution. Your third-party provider can help identify the best solution among the available options in your area as well as procure and provision the circuit for optimum throughput.

Once the network parameters of adequate circuit bandwidth are determined, additional considerations that must be designed into the system include remote (VPN) access and appropriate security measure and rules. At a minimum there should be a strict password update rule both for duration of password life as well as re-use of passwords used in the past. Ideally a consolidated security identification system should be established to ensure continuous monitoring of access with biometric or other proven security solutions as part of any access to the network.

If any part of the network is wireless enabled, appropriate security for network access and ongoing traffic monitoring are essential. If they are not part of the system, monitoring to make sure that no additional devices with wireless capability are installed on the system.

Firewall protection design is essential. With the advent of IPv6 and its inclusion in networks, there is potential for security breach when tools designed for IPv4 are faced with IPv6 calls.

Continuous monitoring for abnormal network traffic, behavior or attempted unauthorized access are discovered, rules for appropriate notification and/or lockout must be determined and enforced.

Protection 1’s Solution

Protection 1 operates a Network Operations Center (NOC) as part of its Integrated Solutions Group. The center employs a team of Cisco Certified, Meraki Certified and Sonicwall Certified professionals. This team also holds the Cisco Cloud and Managed Services Express Partner certification, making Protection 1 the only security system integrator to hold this designation.

The NOC is primarily focused on providing real-time monitoring of IT-sensitive systems, including up/down status and network performance metrics. In addition to monitoring systems for performance and potential problems, the NOC also designs, installs and commissions LAN/WAN networks for companies that either do not have the internal resources to accomplish this in-house or for those who want a dedicated security only network. The addition of the Cisco Cloud and Managed Services Express Partner Certification introduces a new level of capabilities and expertise to the NOC in this growing outsourced services market.

“Protection 1’s ongoing investment in technology and the skillsets of our team members give us the ability to deliver more than just security integration to our customers,” said Christopher BenVau, senior vice president of Enterprise Solutions for Protection 1. “We are seeing more of our customers implementing networks that are separate from their customer data and POS networks to ensure a higher level of security due to recent data breaches. This trend makes the services provided by the Network Operations Center even more important as our customers’ needs evolve.”

The NOC team can design and deploy a company’s network, implement and manage broadband connections and design and implement VoIP systems. The Network Operation Monitoring Center can notify a customer if their IP camera is out before they even realize it. With the large storage arrays in use today, one unknown failed hard drive could bring down an entire system, potentially destroying all archived video. The NOC can monitor the health of hard drives as well and immediately notify the customer of a failed drive, while scheduling a service call to remedy the situation and minimize loss. Cloudbased services managed from the NOC include a web-based dashboard that allows management and reporting of all IT environments including networks, security, and IP telephony along with Cloud backup and disaster recovery services.

The growing threat of cyber crime and the high cost associated with remediating the aftermath of an attack, both in terms of hard dollars and the damage to brand reputation and customer trust, can be devastating to an organization.

New and innovative approaches to elevating the protection of sensitive data have never been more pressing. Whether organizations choose to implement changes to their networks internally or through a third-party partner to make them more secure, it is a process that is worth heavy consideration.

The cost of implementing a security only network pales in comparison to the cost of an actual breach. If an organization or company has not yet considered the possibility of implementing a higher level of security to protect their business and their customers, it is probably time to do so.

Cyber crime rates are escalating at exponential levels and cyber-criminals will continue to grow more sophisticated in their approach. Now is the time to ensure your business is protected.

This article originally appeared in the August 2015 issue of Security Today.

Featured

Featured Cybersecurity

Webinars

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3