The Borderless Datacenter

Part 2 of 3 – The Threat Landscape

Regardless of the physical location of an organization’s critical data and applications, the threats continue to increase not only in numbers but also in complexity. Planning for the many contingencies that could arise in the course of operating in this sort of environment can be a big challenge. The best approach is to remain vigilant, and have a solid incident response plan allows the organization to be nimble and prepared.
bdc_20f3_top

Ransomware has quickly emerged as one of the most dangerous cyber threats facing both organizations and customers.

How others view your network

Hacking

The act of penetrating a vulnerability for the purposes of moving laterally through a network. The motivations may vary, but common tools that help with this activity are unintended data leakage / theft, as well as social engineering.

Malware

Simply put, is code that is designed to do bad things. The execution of this code within an infrastructure environment can cause any number of benefits for those motivated to get into that environment.

APT

The advanced persistent threat, also known as the “uninvited guest”, allows intruders to penetrate but remain under the radar. A motivation for this tactic would be to harvest information over a certain period of time and/or prepare for a more serious threat to the environment.

Ransomware

As the name implies, the primary purpose of this method of attack is to withhold access to key data and/or applications unless the attacker is paid the ransom.

Building a security focused network

A well-built fortress has many layers defenses

Understanding the threat landscape is an important first step to the process, as many IT leaders come to grips with the fact that a breach is an almost certainty in today’s business environment. As the applications and data become much more spread out between different infrastructure environments, the need for an all-encompassing IT Security strategy becomes more of a need, rather than a want.

When addressing security in a network infrastructure, it is important to note that the flow needs to be circular and not in a straight line. Meaning, there will be many factors that change and shift over time that will cause IT leaders to adjust.  In this way, IT security becomes more of a methodology and a process, rather than a pre-defined set of rules that don’t change.

bdc_20f3_mid

 

 

 

Network Security Best Practices and Tools

Deception (adding fake targets intended to distract attackers)

Security Information and Event Management (know when events are occurring)

Next Generation Firewalls (introduces several layers of protection at once)

Secure Remote Access (protect your remote users)

Advanced Malware Protection (adds a deeper level of application level protection)

Local Administrator Password Solution (reduces the reliance on a single password for system administration)

Privileged Access Workstation (reduces the attack surface in your environment)

Network Segmentation (breaks up the network environment to restrict the impact of a threat)

Policy and Technology Alignment (ensures that the technology follows a pre-defined strategy)

The RSM ‘P R O T E C T’ Methodology

A proven framework used for not only aligning policy and technology elements within a network infrastructure, but also integral to introducing network segmentation capabilities into flat topologies and single-layered architectures by breaking the segmentation process down into manageable steps.

Many of today’s network environments have a single layer of defense from outside influences. This makes it difficult to protect from ALL of the different threats that exist, and with the increasing infrastructure footprint that most IT managers are faced with, simply cannot do the job.Any organization that is faced with the prospect of implementing new controls into their network environment would be well served by proceeding in a purposeful and methodical manner.   The PROTECT approach breaks down this process into a very structure process.

The RSM Infrastructure Team

Whether you need to implement a new information technology (IT) environment, migrate from a legacy platform or transform your current system capabilities, our technology professionals will ensure your technology is optimized to support your business as it grows. At RSM, we use a consultative approach and have strategic alliances with leading solution providers, including: Cisco, Microsoft, HP Inc., Dell EqualLogic, NetApp, VMware, Citrix and many others.

 

Learn more about RSM’s PROTECT methodology

 

 

 

 

 

Step by Step:

1.       Policies – Segmentation activities and data classification that is based on the review, definition and adoption of policies specific to the organization requirements, which becomes the foundation upon which the overall segmentation plan is based.

2.       Risks – As risks are mitigated by introducing network segmentation, other risks can be encountered in the way of availability and accessibility by users and systems.   The risk phase analyzes potential impacts of policy implementation, and adjusts based on the related risk factors.

3.       Options – Provides the organization with recommended solutions for achieving the defined segmentation policies while addressing the proposed risk mitigation strategies.

4.       Turn-Up – Performs the necessary preparation work (e.g. patches, software updates, configuration changes), which lays the groundwork for the chosen options to segment the network.

5.       Enforcement – Once the Turn-up phase is complete, production traffic can begin to be migrated in a careful manner to the newly segmented network.

6.     Confirmation – Upon successful completion of the turn-up and enforcement phases, it is important to re-evaluate the environment to ensure that the policies and risks are properly addressed.

7.     Training – Almost as important as the changes themselves, it is important to introduce the users and executive teams in your organization understand and adhere to the new strategy.

rsm