Protecting the network with your sensitive business data
Are your physical security devices attached to the same network as your sensitive business data? Then you had better take as much care to cyber secure those devices as you do your wireless access points, printer connections, scanners and other traditional network-attached technology. Any network node left unprotected could become a potential threat to overall network security.
What you need to do to harden your network connections depends on your risk assessment. First, identify what assets need protection. Then investigate what threats or vulnerabilities pose a risk to those assets. Once you have that information in hand, you can decide whether those risks are worth mitigating. For organizations handling credit card payments and/or patient data, the physical security of stored data—whether in the cloud or an in-house data center—is mandated by law and the financial penalties for non-compliance are significant. For some business owners, the consequences of unauthorized system breaches might be minimal, which would influence how much they spend on protection technology.
Sometimes, the solution is as simple as network segmentation, either through physical wiring or a VLAN. Separating network resources that shouldn’t interact or have no need to interact with each other increases overall network protection levels and assists in optimizing resource management.
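The following added example, which is not part of the original article, audits a device inventory and a set of inter-VLAN allow rules for the two gaps that segmentation is meant to close: building systems sharing a segment with sensitive systems, and rules that let a building-systems segment reach a sensitive one. The host names, addresses, VLAN names, role labels and rule format are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# All data below is constructed for illustration; none of it comes from the article.
SEGMENTS = {"vlan10": "10.10.1.0/24", "vlan20": "10.10.2.0/24", "vlan30": "10.10.3.0/24"}
INVENTORY = [  # (hostname, IP address, role)
    ("pos-01", "10.10.1.21", "pos"),
    ("hvac-ctl", "10.10.1.40", "hvac"),
    ("cam-lobby", "10.10.2.15", "camera"),
    ("door-ctl", "10.10.2.16", "access-control"),
    ("db-cards", "10.10.3.5", "cardholder-db"),
]
ALLOW_RULES = [("vlan20", "vlan30"), ("vlan30", "vlan10")]  # (source, destination)

SENSITIVE = {"pos", "cardholder-db"}
BUILDING = {"hvac", "camera", "access-control"}

def segment_of(ip, segments=SEGMENTS):
    """Return the name of the segment containing ip, or None if no segment does."""
    addr = ipaddress.ip_address(ip)
    for name, cidr in segments.items():
        if addr in ipaddress.ip_network(cidr):
            return name
    return None

def audit(inventory, allow_rules, segments=SEGMENTS):
    """Return sorted (finding, subject) pairs describing segmentation gaps."""
    roles = defaultdict(set)
    findings = []
    for host, ip, role in inventory:
        seg = segment_of(ip, segments)
        if seg is None:
            # Host sits outside every defined segment, so no policy covers it.
            findings.append(("unsegmented-host", host))
        else:
            roles[seg].add(role)
    for seg, present in roles.items():
        # Building systems and sensitive systems share one broadcast domain.
        if present & SENSITIVE and present & BUILDING:
            findings.append(("shared-segment", seg))
    for src, dst in allow_rules:
        # A rule lets a building-systems segment initiate traffic to sensitive systems.
        if roles[src] & BUILDING and roles[dst] & SENSITIVE:
            findings.append(("open-path", f"{src}->{dst}"))
    return sorted(findings)

if __name__ == "__main__":
    for finding, subject in audit(INVENTORY, ALLOW_RULES):
        print(f"{finding}: {subject}")
```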
Breaches Aren’t Always the Result of a Frontal Attack
The convergence of so many new technologies on the same network infrastructure has placed an enormous burden on IT departments to pay particular attention to the cyber security of a plethora of non-traditional network-attached devices. Due diligence must be paid to the security configuration of these devices to eliminate exploitation—whether the devices are heating, ventilation and air conditioning (HVAC) controls and monitors; intelligent building automation devices such as smart thermostats, Smart Grid power monitoring and control devices; or networked surveillance cameras and IP-based access control systems.
One recent, highly publicized and massive retail customer data breach stemmed from the hijacked login credentials of a third-party HVAC service provider. Typically, the HVAC services company would remotely log into the retail stores’ HVAC monitoring systems for maintenance. Cyber hackers followed the same protocol, logging into the system using the services company’s stolen login credentials to gain access to the network. From there, they were able to tap into the retailer’s point of sale systems, which resided on the same physical network infrastructure. As a result, confidential customer data was compromised.
The moral of the story? Keep a close eye on all network-connected systems. They could be your Achilles’ heel when it comes to securing sensitive corporate and client data. Once you understand what impact a successful breach might have on your business—financial penalties, loss of company reputation and market share, or perhaps negligible repercussions—you can plan your security spending accordingly.