Breaching the Network
All businesses are at risk of a cyberattack
- By Lee Pernice
- Aug 01, 2015
Cyberattacks are one of the greatest threats
facing global businesses today. Hardly a day
goes by that there isn’t a report of another
company suffering at the hands of hackers
breaching their networks and stealing sensitive
customer or personal data. According to the
Identity Theft Resource Center (ITRC), there were 783 known
data breaches in 2014, an increase of more than 27 percent
over 2013. Furthermore, the FBI estimates that more
than 1,000 retailers may be under assault from the same or
similar malware that attacked Target and The Home Depot a
couple of years ago.
Retailers are not the only at-risk sector for data breaches and
cyberattacks. The risk is real for all types of public and private
organizations. As reported in a recent Forbes article, some of
the more recent companies and organizations to feel the pain
from these breaches include Neiman Marcus, White Lodging
Hotel Management, Affinity Gaming, Community Health Systems,
UPS, PF Chang’s, JP Morgan Chase, Sony and even the
citizens of New York City to name just a few on the extensive
list, proving that these new types of criminals have a wide and
non-discriminating reach.
To emphasize just how serious the threat of cyberattacks is
becoming, the White House signed an executive order that urges
companies to share cybersecurity threat information with one
another and the government. Industry trade associations are
also joining the fight against cyber crime, with the Retail Industry
Leaders Association (RILA) Board of Directors recently approving a comprehensive, collaborative
and sustainable plan to address the challenges,
which includes enhancing existing
cybersecurity and privacy efforts as well
as informing the general public through
increased dialogue in order to build and
maintain consumer trust.
Emerging Trends
In response to the threats presented by
cyber criminals, many organizations are
physically separating their IT infrastructure
for their networks based on their primary
usage to limit exposure.
A prime example is creating a separate
network to run physical security applications
from the network used for other critical
business processes. A physical-security-only
network is typically used to host the
company’s security devices, such as intrusion
detection, video, access control devices
and related infrastructure.
Benefits
The benefits of a dedicated security-only
network are multi-faceted. Not only does
the security-only network deliver a higher
level of protection, but it also offers faster
speeds, more bandwidth and easier access
to the network for loss prevention and security
teams without impacting business-critical
systems. Deploying a standardized
implementation across multiple locations
can also provide a lower-cost alternative
to traditional networks.
Further benefits to a security-only network
include nearly unlimited access to
the system for applications such as remote
monitoring of video or conducting remote
investigations, allowing investigators immediate
access to video and supporting
data. This not only reduces travel time and
associated expenses but also the time it
takes to conduct the investigations.
When the security-only network is
monitored by a certified third-party provider,
added benefits include advanced
alerts of potential system failure or attempted
breach of the network. The
monitoring company can also ensure that
the network has the latest network security
protocols and anti-virus software at
all times.
Who Should Consider a Security-Only Network?
Any type of organization that is looking
to provide a safer and more secure physical
environment for its employees, guests
and assets, while maintaining a higher level
of security for its business-critical operations,
is a candidate for a dedicated
security-only network.
When determining if this type of network
is a viable option, it is important to
include the company’s internal IT resources
in the evaluation and assessment of
needs and requirements including security.
Selecting a Third-Party Provider
When considering a third-party provider
for security-only networks, traditional IT
companies that design and implement
standard networks may not be your best
option. Selecting a company that has the
proper certifications for designing networks
as well as deep industry knowledge
of the security devices running on
the network and how they need to work
together will greatly enhance the overall
end result.
Certifications, such as Cisco Cloud
and Managed Services Express Partner
Certification, Meraki Certified, Sonicwall
Certified and security-product-specific
certifications, will ensure successful system
integration. Cisco Cloud and Managed
Services Express Partner certification recognizes
companies who have attained the
expertise in the planning, designing, implementing
and supporting of cloud or managed
services based on Cisco platforms.
Steps to Consider When Designing a Security-Only Network
One of the first steps is to identify the
circuit requirements for the security-only
network. Understanding what types of applications
are going to be running on the
network and how much bandwidth and
speed are necessary to support the applications
is key. Security-only networks are often
based on commodity broadband, so it
is important to ensure that the carrier can
deliver reliable service and speed at any
given location.
It can be a challenging task trying to
determine which carrier provides the best
and most cost-effective solution. Your
third-party provider can help identify the
best solution among the available options
in your area as well as procure and provision
the circuit for optimum throughput.
Once the network parameters of adequate
circuit bandwidth are determined,
additional considerations that must be
designed into the system include remote
(VPN) access and appropriate security
measures and rules. At a minimum there
should be a strict password update rule
covering both the duration of password life
and the re-use of passwords used in the past.
Ideally a consolidated security identification
system should be established to ensure
continuous monitoring of access with
biometric or other proven security solutions
as part of any access to the network.
If any part of the network is wireless
enabled, appropriate security for network
access and ongoing traffic monitoring
are essential. If wireless is not part of the
system, monitoring is needed to make sure that no
additional devices with wireless capability
are installed on the system.
Firewall protection design is essential.
With the advent of IPv6 and its inclusion
in networks, there is potential for a security
breach when tools designed for IPv4 are
faced with IPv6 calls.
Continuous monitoring for abnormal
network traffic, behavior or attempted unauthorized
access is required, and rules for
appropriate notification and/or lockout when these are discovered
must be determined and enforced.
Protection 1’s Solution
Protection 1 operates a Network Operations
Center (NOC) as part of its Integrated
Solutions Group. The center employs a
team of Cisco Certified, Meraki Certified
and Sonicwall Certified professionals. This
team also holds the Cisco Cloud and Managed
Services Express Partner certification,
making Protection 1 the only security system
integrator to hold this designation.
The NOC is primarily focused on providing
real-time monitoring of IT-sensitive
systems, including up/down status
and network performance metrics. In addition
to monitoring systems for performance
and potential problems, the NOC
also designs, installs and commissions
LAN/WAN networks for companies that
either do not have the internal resources
to accomplish this in-house or for those
who want a dedicated security-only network.
The addition of the Cisco Cloud
and Managed Services Express Partner Certification introduces a new level of capabilities
and expertise to the NOC in this
growing outsourced services market.
“Protection 1’s ongoing investment in
technology and the skillsets of our team
members give us the ability to deliver more
than just security integration to our customers,”
said Christopher BenVau, senior
vice president of Enterprise Solutions for
Protection 1. “We are seeing more of our
customers implementing networks that
are separate from their customer data and
POS networks to ensure a higher level of
security due to recent data breaches. This
trend makes the services provided by the
Network Operations Center even more
important as our customers’ needs evolve.”
The NOC team can design and deploy
a company’s network, implement
and manage broadband connections and
design and implement VoIP systems. The
Network Operation Monitoring Center
can notify a customer if their IP camera
is out before they even realize it. With the
large storage arrays in use today, one unknown
failed hard drive could bring down
an entire system, potentially destroying all
archived video. The NOC can monitor the
health of hard drives as well and immediately
notify the customer of a failed drive,
while scheduling a service call to remedy
the situation and minimize loss. Cloud-based
services managed from the NOC include
a web-based dashboard that allows
management and reporting of all IT environments
including networks, security,
and IP telephony along with Cloud backup
and disaster recovery services.
The growing threat of cyber crime and
the high cost associated with remediating
the aftermath of an attack, both in terms
of hard dollars and the damage to brand
reputation and customer trust, can be devastating
to an organization.
New and innovative approaches to elevating
the protection of sensitive data
have never been more pressing. Whether
organizations choose to implement changes
to their networks internally or through
a third-party partner to make them more
secure, it is a process that is worth heavy
consideration.
The cost of implementing a security-only
network pales in comparison to the
cost of an actual breach. If an organization
or company has not yet considered
the possibility of implementing a higher
level of security to protect their business
and their customers, it is probably time to
do so.
Cyber crime rates are escalating at exponential
levels and cyber-criminals will
continue to grow more sophisticated in
their approach. Now is the time to ensure
your business is protected.
This article originally appeared in the August 2015 issue of Security Today.