Network Security: IT Professionals’ Top Priority for 2014

Chances are if you’re reading this blog, you understand how vital it is for enterprises today to secure remote access to their corporate networks. It looks like that understanding is becoming more widespread – according to recent research by TechTarget and Computer Weekly, network security topped the list of IT professionals’ networking priorities in 2014. More than 600 IT professionals that specialize in networking across Europe participated in the publications’ annual purchase intentions survey. They work in IT departments across a wide range of industries, including education, manufacturing, finance and government. Across the board, 50 percent said security was the main business issue driving networking investments, followed by enabling worker productivity (34 percent) and reducing costs (32 percent). Further, the research revealed that the biggest driver of spending is the continued growth of BYOD. When BYOD first arrived on the scene, there were many debates about the risks and rewards of embracing it. Years later, it’s become less of a buzzword and more of a reality. There are certainly pros and cons to allowing employees to work from home or on their own devices, but the fact of the matter is that network access will be increasingly fluid for the foreseeable future, whether network professionals like it or not. One other finding that really stood out to us was that 44 percent of respondents think that keeping IT and corporate goals aligned will be the biggest challenge next year. While corporate and IT goals may differ in many ways, employee productivity can be the glue that holds them all together. In order to maximize productivity, companies should allow employees...

The Security Risks of Remote Support Tools

A recent study has come to light which shows that although remote support tools are being increasingly implemented within enterprises, IT decision-makers are uncertain about their safety. They should be, and for good reason. The study, conducted by Bomgar and Ovum, focused on the challenges that enterprises face in providing remote support to employees who are using a wide range of devices, such as smartphones and tablets. According to the research, nearly 25 percent of workers are currently mobile, and as a result, businesses will increase their support for remote workers over the coming 18 months. Despite this, the majority (more than two-thirds) of IT decision-maker respondents were concerned about the associated security risks. Remote support is alluring because it typically runs in web browsers, which makes it easy to install and utilize on many kinds of devices. However, because it is browser-based, all of the vulnerabilities of the browser can compromise the safety of communications with a corporate network. If a user does not log out properly, an attacker can gain total access to a network, with little oversight by IT. Plus, all network communication is transacted via third-party gateways, which exposes an enterprise’s servers to potential threats. Enterprises that are looking for all of the functionality, but none of the safety concerns associated with a remote support tool, should instead consider using an IPsec VPN gateway with a remote desktop component and a possibility to check server certificates at the VPN gateway. By using such a solution, an enterprise could have its staff access and control networked computers and devices through a highly secure and encrypted tunnel....

Developing a Comprehensive Remote Access Security Framework: Network Health and Trust

The need for a comprehensive remote access security framework cannot be emphasized enough. Those looking for proof of this concept need look no further than the recent Adobe hacking, and the chilling implications it has on network security. Our previous two posts in this series have discussed why the proliferation of mobile devices has made corporate networks more susceptible to malicious attacks, how unknown users and/or devices pose a serious threat to network security, and how establishing endpoint identities and roles can help protect against breaches. But what if cyber criminals could create superficial identities and roles that pass as legitimate? The unfortunate truth is, this scenario is a very real possibility. The most common method cyber criminals use to gain network access is spoofing endpoints’ Media Access Control (MAC) addresses. A MAC address is a device’s unique hardware number. When employees connect to their networks, a correspondence table relates their IP address to their computer’s physical MAC address. As previously explained, devices can be linked in a relationship registry to user identities based on a particular user/device combination. Once that’s done, a policy can be implemented that will grant or deny network access based on those combinations. Ideally, this process will screen out users that attempt to access the network with invalid credentials. But when a MAC address has been spoofed, another layer of defense is needed. Though there are several ways to detect a false MAC address, one of the best bets is to simply build a protocol right into an IPsec VPN client. This would allow the client to establish a secure, encrypted connection with the...

The Role of People-Centric Security Systems and Defense in Depth

Is it possible that IT administrators are actually doing too much to secure their corporate networks? Given the rate at which the enterprise security landscape changes, it almost seems like a rhetorical question at first. However, there’s growing concern that all of the remote access policies and procedures in place are doing more harm than good. In fact, at the recent Gartner Security and Risk Management Summit, Research Vice President Tom Scholtz went so far as to say that we have “lost the race in our attempt to throw controls at everything.” Could he be right? A recent ZDNet article makes a strong argument to back Scholtz’s claim. At its simplest, the problem with current controls is that they very rarely speak to individual users in a way that resonates with them. If employees working remotely don’t understand why certain protocols are in place, they probably won’t feel inclined to follow them. But what if companies did a better job explaining the dangers of not adhering to remote access policies? Would that provide the necessary incentive for remote employees? Scholtz certainly thinks so. According to the article, the key is to have companies adapt a people-centric security (PCS) system. In order for this system to be successful, the entire organization must be security-focused, and the best way to accomplish this is through employee education and awareness. It’s a concept that Scholtz compares to the “shared spaces” idea made famous by Hans Monderman, a famous Dutch road traffic engineer and innovator. Despite how dangerous the idea of vehicles and pedestrians sharing roadways with minimal signage may sound, it actually causes...

PKI for Authenticating Remote Access VPNs: How Government Agencies Ensure Secure Communications

With many documents critical to matters of national security being accessed on a daily basis, government agencies must ensure that all users trying to establish connections of any type to their networks are who they say they are, that they are authorized to access locations that they are connecting to and that all communications are encrypted. Public Key Infrastructure (PKI) compliance is the system that the public sector uses to verify a user’s information when attempting to establish a secure connection. PKI compliance in the United States, for example, is administered and monitored by The Federal PKI Policy Authority, an interagency body that was setup under the CIO Council to enforce digital certificate standards for trusted identity authentication across federal agencies and between those agencies, universities, state and local governments, and commercial entities. PKI enables users on non-secured networks to transmit data securely and privately. It does so by using a pair of public and private cryptographic keys obtained and shared through a trusted Certificate Authority (CA). The PKI system ensures that the digital certificates generated to match an identity with their public keys are stored by the CA in a central repository and can be revoked if necessary. The public key cryptography assumed by the PKI system is the most common method on the Internet for authenticating a message sender or encrypting a message. Traditionally, cryptography has involved the creation and sharing of a secret key for the encryption and decryption of messages. The most well-known uses are email and document encryption and authentication, but PKI is actually much broader than that. It can provide authentication for VPNs...