Spring cleaning season is almost over and summer is almost here. If you haven’t gotten around to giving your network a good spring cleaning yet, it’s never too late to step back and sweep out the cobwebs to improve your security posture. In his latest guest article for Help Net Security, WatchGuard’s Sr. Security Researcher, Marc Laliberte, suggests a few key tips you can use to tidy up your network safeguards:
Review third-party access and policies
Network admins and IT workers should have a formal system in place for reviewing and removing access and credentials they have issued to contractors and third parties, but somehow a few of these always slip through the cracks.
At least once per year, make a point to review which contractors and third-party services have access to your network or VPN, remove ones that are no longer active, and ensure the ones that are active are completely locked down. For example, if you set up a temporary account giving a consultant privileged access but forgot to remove it when their contract ended, you’re leaving a weakness in your organisation’s security. Whenever possible, use the principle of least privilege.
This also applies to firewall policies. Many administrators will add temporary policies for legitimate reasons, but then forget to remove them. For instance, if a contractor needs to transfer files regularly with a remote cohort at his headquarters, IT might spin up a temporary FTP server and set a policy to let the contractor reach it remotely through the firewall. A month later, the administrator has forgotten about the FTP server and policy. Six months later, the forgotten server hasn’t been patched and is now vulnerable to several new exploits.
The good news is many firewalls and UTMs have features that will show which policies are used often, and which have remained unused for weeks or months. These features can help administrators to quickly purge outdated policies.
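Where a firewall can export its policy list with last-match dates, the same review can be scripted. The following is an added example, not part of the original article or any vendor's tooling; the CSV column names, policy names and 60-day threshold are assumptions, and the sample export is constructed.

```python
import csv
import io
from datetime import datetime

# Constructed sample export; the column names are assumptions, not a vendor format.
SAMPLE_EXPORT = """\
policy,action,dst_port,created,last_hit
Allow-Web-Out,allow,443,2021-03-01,2024-05-30
Temp-Contractor-FTP,allow,21,2023-11-02,2023-12-01
Allow-DNS-Out,allow,53,2021-03-01,2024-05-30
Temp-Vendor-RDP,allow,3389,2024-01-15,
Deny-Telnet-In,deny,23,2021-03-01,2024-02-10
"""

def stale_policies(export_text, as_of, max_idle_days=60):
    """Return (policy, idle_days, reason) for allow rules idle longer than max_idle_days."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["action"] != "allow":
            continue  # an unused deny rule opens nothing; review those separately
        if row["last_hit"]:
            last_seen = datetime.strptime(row["last_hit"], "%Y-%m-%d")
            reason = "no traffic since " + row["last_hit"]
        else:
            # The rule has never matched: measure idleness from its creation date.
            last_seen = datetime.strptime(row["created"], "%Y-%m-%d")
            reason = "never matched since creation"
        idle = (as_of - last_seen).days
        if idle > max_idle_days:
            findings.append((row["policy"], idle, reason))
    # Longest-idle rules first, so the oldest leftovers are reviewed first.
    return sorted(findings, key=lambda f: f[1], reverse=True)

if __name__ == "__main__":
    for name, idle, reason in stale_policies(SAMPLE_EXPORT, datetime(2024, 6, 1)):
        print(f"{name}: idle {idle} days ({reason})")
```

Each flagged rule is a candidate for review with its owner, not for automatic deletion, since some legitimate rules only match during quarterly or annual jobs.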
Take inventory of network upgrades
As your network grows, your technical security controls need to grow with it. Once a year, look at how your network has changed and assess if your current security hardware and software are still adequate. As employees bring in more IoT devices like Fitbits or as connected lightbulbs and IoT sensors make their way into the office, they increase the workload on endpoint security solutions.
As network speeds increase, firewall appliances need enough power to process that increased volume of traffic while still performing all of their security scans. A five-year-old UTM won’t be able to process the amount of HTTPS traffic present on today’s networks without slowing down network performance or skipping important security services. Make sure your network isn’t outgrowing its security controls.