Posts

Higher Education Makes Cybersecurity a High Priority – Are You Prepared?

Digital natives predominantly compose the student body at today’s education institutions, and technological advancements have created unprecedented opportunities for personalized learning. BYOD and other emerging technologies have allowed school districts, colleges, and universities to become more effective, inclusive, and collaborative.

With the proliferation of devices now on the network, however, IT administrators are now faced with the enormous task of empowering end-users to capitalize on the benefits of increased mobility and connectivity, while also ensuring the integrity of the organization’s network and data. In our current threat environment, it is more critical than ever that schools, colleges and universities develop an overarching, end-to-end security approach that aligns with the institution’s mission.

A recent SonicWall survey, conducted in partnership with the Center for Digital Education, targeted higher education IT professionals, including executives (CIO, CISO, VP of IT, etc.), IT Directors and network managers to assess the state of network security on college campuses. A key takeaway from the study, however unsurprising, is that 73 percent of respondents rank cybersecurity high or very high among their institution’s technology priorities.

Just as cybersecurity has become a priority across industry and government, higher education institutions are shining a brighter spotlight on security – and for good reason. While educational institutions rank their ability to detect and block cyber attacks relatively high, with 65 percent citing their abilities as good or excellent, only 17 percent indicate that they have not experienced a network breach/incident in the past year. This statistic is indicative of the fact that cyber threats are continuing to increase in both frequency and sophistication in every industry.

In response to the growing threat of data breaches, 77 percent of survey respondents indicate they expect to spend more on network security in the next 12 months and 63 percent expect to spend more on secure access to data and applications. This is an encouraging statistic, as it reflects increased awareness around the need to strengthen security and mitigate risk.

In our hyper-connected world, a strong security posture is a strategic investment for education at all levels. IT administrators and decision makers across the education industry need to address the continually growing role of technology on campus by implementing end-to-end security solutions that protect all data and endpoints, old and new. Holistic, end-to-end security that utilizes identity access management, next-gen firewalls, endpoint security and efficient patch management allows school districts, colleges and universities to confidently and securely offer the benefits of increased mobility and other IT advances to their faculty and students.

For more details from the survey, view the on-demand webcast “Network Security in Education: The changing landscape of campus data security.” In this November 2015 webinar, Larry Padgett of the School District of Palm Beach County reviews how his district – the 10th largest in the United States — is leveraging people, processes, and SonicWall next-generation firewalls to protect a network serving 189,000 students and staff in nearly 200 sites. SonicWall Security’s Ken Dang joins Larry in this Education Dive webinar.

Take Control of Your Network During the Holiday Shopping Season

It’s the holiday season and that means we’re all busy with fun activities. Take online shopping for example. Many of us will do it between Black Friday and New Year’s, even for just a little while. Some of us do it at work. When employees spend time shopping online during work hours it presents challenges for any organization. Perhaps the three biggest challenges are network security, employee productivity and bandwidth consumption.

How popular is online shopping? Last year, data from the National Retail Federation (NRF) revealed that retail holiday buying increased 4.1% to just over $600 billion. Much of that shopping was done online. This year the NRF is forecasting retail sales of $630 billion, up 3.7% over 2014. According to an NRF survey almost half of all holiday shopping, whether it’s making a purchase or merely browsing, will again be done online this year. Let’s take a look at the impact this has on organizations and the steps you can take to overcome the challenges online shopping poses.

Network security

  • Malware – Employees who shop online at work inadvertently create opportunities for malicious attacks directed at your network and your organization. The most common threats are viruses, worms, Trojans and spyware.
  • Phishing – Phishing is an email fraud method in which the perpetrator sends out a legitimate-looking email in an attempt to gather personal and financial information from unsuspecting recipients.
  • Malicious advertising – Commonly referred to as “malvertising,” this threat uses online advertising to spread malware which can then capture information such as credit card and social security numbers from infected machines.

Employee productivity

  • The big drain – With workers bringing their own smartphones and tablets into the office, we’re seeing an increased blurring of the line between work life and personal life as employees exercise more freedom to use these devices for personal activities such as online shopping during work hours. When they’re shopping on company time it means they’re not working so their productivity has decreased.

Bandwidth consumption

  • Disappearing bandwidth – With about half of your employees shopping online during the holidays, the bandwidth available to critical applications on your network is going to disappear. Therefore, it’s critical to prevent vital bandwidth from being consumed by non-productive web use.

While you can’t completely eliminate threats to your network, drops in productivity and misuse of valuable bandwidth, there are measures you can take that are well within the reach of your organization simply by practicing good digital hygiene. Here are five things your organization can do to reduce the risks of a successful attack while maintaining productivity levels and conserving bandwidth.

  1. Help employees learn how to avoid malvertising and recognize phishing emails. Be on the lookout for suspicious emails and links, especially those requesting sensitive information.
  2. Educate employees to use different passwords for every account. Establish policies for strong passwords such as guidelines regarding password length, the use of special characters and periodic expiration, and reduce the number of passwords through single sign-on.
  3. Because many attacks are based on known vulnerabilities in browsers including Internet Explorer, as well as in plug-ins and common apps, it’s critical to apply updates and patches promptly and reliably. They will contain fixes that can block exploits.
  4. Make sure you install an intrusion prevention system and gateway anti-malware technology on your network. They add important layers of protection by blocking Trojans, viruses, and other malware before they reach the company network. They can also detect and block communications between malware inside the network and the cybercriminal’s server on the outside.
  5. Take back control of your network by limiting the use of your bandwidth to business-related activities. There are several technologies available such as content and URL filtering that can be used to prevent employees from visiting websites dedicated to shopping and other non-productive topics. Also, application control provides the tools to restrict the use of applications such as social media to employees who have a business reason to use them.

SonicWall offers a complete range industry-leading next-generation firewalls that secure your network from threats and give you the controls to keep employee productivity high and bandwidth focused on business-critical applications. To learn more about how these solutions can help you during the holiday shopping season and beyond, please visit our website.

The Evolution of Defense-in-Depth

This post was written by Dan Cole.

As enterprises continue to shore up their defenses in anticipation of the next breach, it’s understood by many security professionals that it’s not a matter of if it happens, but when. And when it does, how soon they would know before the attack has completed its cycle.

To offset these upcoming threats, perimeter security experts have been doubling up on their defense solutions, layering security from the very edge of their perimeter (Firewalls, IPS, NGFW) to the deep core and asset point (end point software, application firewalls, etc.) of their IT infrastructure. This was done to not only prevent a breach, but to buy time for organizations to respond to such attacks. As I described in my earlier blog, Defense-in-Depth is very much like a “Castle” approach in building your IT security infrastructure.

But much like the castle illustrated here, by building such defense mechanisms chasms are inadvertently created. Translating this to the cyber realm the chasms represent the response time between and during ongoing attacks.

Now on the flip side of the coin, as cyber warfare incorporates both offense and defense strategies. The offense approach, which is structured and labeled by the military (as most things are) as the Kill chain. Simply put the Kill chain, from a military model perspective includes the following:

  • Target identification
  • Force dispatch to target
  • Decision and order to attack the target
  • Destruction of the target

By adapting this structured approach, Lockheed Martin coined the term Cyber Kill Chain model, like Defense in Depth, yet the opposing approach ““ which is to attack an IT infrastructure. The perspective of the hacker if you will.

These steps include but are not limited to the following:

  • Reconnaissance
  • Weaponization
  • Delivery
  • Exploitation
  • Installation
  • Command and Control
  • Actions on Objective

Today, attackers who have successfully penetrated classic Defense in Depth models, have leveraged an adaptation of the Cyber Kill Chain. So what’s the delta? What do IT experts need to incorporate into their defense strategy to help mitigate against such advanced attack approaches?

Defense in Depth with Intelligence

As discussed earlier one of the biggest challenges with the classic defense in depth approach is the inadvertent chasms that are created. These chasms are essentially people, process, and product related.

In larger enterprises there are multiple IT departments, with various responsibilities regulated based on assets managed. Network engineers may not necessary know or communicate to the security engineers. Although aspirations are to insure that process’s followed are global and relevant to all IT infrastructure touch points, in reality they are rarely followed. Lastly, products that are purchased and then deployed into the Enterprise are usually incompatible with each other, resulting in a differing log languages and management structures.

Although the people and process are valid challenges and problems that will need to be tackled, my responsibility as a product manager of the Network Security Products for SonicWall Security will be to insure that the chasms of product compatibility with adjacent security technologies are closed. The initiatives launched with our Connected Security vision will help in understanding these challenges better, as we ourselves being part of the SonicWall technology family need to bring various disparate technologies together to build a solution that will work for not only our customers but for ourselves (at SonicWall ).

One of the biggest challenges and approaches to minimizing this divide is by building a security communication framework in which all of our products can communicate using a common language. With this ability we would be able to make our products and other devices within our customer’s security infrastructure to respond and alert intelligently, minimizing the intervals between the attack cycles incorporated in the Kill Chain model.

As we and our customers continue to shore up our security infrastructure for the next generation of cyberattacks, the existing Defense in Depth model will need to be adapted and upgraded with intelligence. With intelligence we will be helping our customers in addressing the chasms within their castle.

Six CyberSecurity Tips for the Holiday Season

The holiday shopping season is also a big season for cyber-criminals to breach high-traffic retailers. Forecasting from trends I have seen over the past 18 months, here are six security tips on how to protect your retail business. These often-overlooked recommendations are not limited to the holiday season, and you can implement them at any time:

1. Know what is connected to your network. Do you allow employees to use their personal devices to connect to your network? A favored penetration path is through unprotected devices that come on the network. First off, insist that everyone has current antivirus software loaded on their devices. Moreover, use a firewall that knows what is on your network, can enforce which applications people can access, and provide a high level of granularity to restrict access to non-productive applications (or sub-applications, such as games on Facebook).

2. Update your software. During 2015, numerous security updates were pushed to customers of browsers, operating systems, plug-ins and applications. Often overlooked during the year, software updates are the easiest way for cyber-criminals to compromise your network, commonly through outdated applications. This drafty window into your business can be easily shut. Before the holiday season gets under way, have your PC users spend an hour at the end of the day to update software (it often requires a reboot) and make sure your apps (especially Java) are up to date. Encourage users to do this monthly, insist on it quarterly.

3. Change your passwords. While you may not have been enforcing a change in passwords to access your network on a regular basis, it is a fast and easy way to close the door on insider-initiated breaches. Over the past year, employees have come and gone. Changing the password provides an opportunity to start out fresh. But now the problem becomes remembering the new password. One technique is to use a personally memorable passphrase that only you would know. If you feel you must write the password down, secure it in a locked drawer with limited access. You might be surprised how many make the dangerous mistake of writing it down on a sticky note placed on a computer.

4. Prepare for ransomware. Going by recent trends, there is an increasing chance that someone will get into your system, encrypt your data and bring your business to a halt unless you pay a ransom. Be ready. Make a backup daily (start today), and test regularly to make sure that you can easily recover your data off the network. If you do get hit, you then have a baseline to go back to, so you can keep your business going.

5. Secure your WiFi. WiFi can improve shopper experience and help retain customers. But do you know if your WiFi is secure? Is your wireless circuit set up to isolate your business traffic from your guest traffic? If not, consider turning off WiFi until it is secured. It is too easy to compromise a network through an insecure WiFi connection.

6. Isolate your POS. Speaking of isolation, make sure your POS system is isolated from the rest of your network traffic. That way, you close another door on cyber-thieves.

There is plenty more that can be done, but the holiday season may preclude additional immediate activities. My recommendation is to set a date after the holidays to review your security position and plan for improvements in 2016. Ask others who operate retail stores what they are doing. Or talk to a security specialist like those we have a SonicWall. They can help you build a roadmap to better security.

If you want to learn more about how to protect yourself from threats that have emerged as the internet grows, I encourage you to read our ebook: “How to prevent security breaches in your retail network.” It goes deeper into retail security and will help you to become savvier when you evaluate your security posture.