CS Nov-Dec 2020
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
industry insights<br />
seen in years, records that you never<br />
knew you had, a million and one Allen<br />
keys, an assortment of sports equipment,<br />
the traditional tin of Quality Street from<br />
the 80s, now containing screws and wall<br />
plugs, cables, and lots and lots of<br />
electronic wires and cables. Whilst some<br />
of this stuff is useful, most of it will either<br />
end up at the charity shop or the tip, but<br />
at the end of it all there's a great sense<br />
of satisfaction that you know where<br />
everything is and that everything is in<br />
order (for now at least).<br />
Organisations aren't so different and<br />
it's easy to collect a host of information<br />
technology 'stuff'. It's even easier to lose<br />
track of this technology as time goes on -<br />
especially as the company grows and<br />
people move on, vital knowledge can<br />
easily get lost along the way.<br />
But when it comes to organisations,<br />
the consequences of not knowing what<br />
you have or how it may be connected<br />
to the outside world can be dangerous,<br />
providing malicious threats with a<br />
potential way into your networks.<br />
KNOWING WHAT YOU HAVE<br />
One of the fundamental IT security<br />
challenges within organisations,<br />
especially larger ones, is the shadow IT<br />
'visibility gap' between assumed or known<br />
infrastructure and what actually exists.<br />
Understanding this is a first vital step in<br />
developing a robust security posture for<br />
an organisation. After all, if you don't<br />
know a legitimate device or application<br />
exists on your network, how can you<br />
properly defend it? Similarly, if you are<br />
missing legitimate devices, you may also<br />
be missing unauthorised devices. Could<br />
any of these anonymous devices provide<br />
backdoors into the network, and perhaps<br />
leave your infrastructure exposed and<br />
vulnerable?<br />
"But I know exactly what I have on my<br />
network," I hear you say. Well, you'd be<br />
surprised. There have been plenty of<br />
cases where we have heard this, only<br />
to discover an unknown device or<br />
application on a network during an estate<br />
discovery investigation, whether it be<br />
a legacy server situated at a remote site, a<br />
website that has been put online as a test<br />
by an internal department, an IoT device<br />
plugged into your network by a member<br />
of staff, IT infrastructure inherited as part<br />
of an acquisition or an application that<br />
was meant to be internal, but is available<br />
to the internet. It can be hard to have<br />
a full oversight on what's truly sitting on<br />
your network.<br />
ASSESS THE RISK, PROTECT OR GET RID<br />
Like the stuff from my garage, once you<br />
know what you have, you need to decide<br />
whether it's still needed. If it is useful to<br />
the organisation, then you'll need to take<br />
the necessary steps to conduct an analysis<br />
of the security and data compliance risks,<br />
and to put in place effective measures<br />
that bring it in line with corporate<br />
policies. If it's not useful, then it's best<br />
to remove it from the network and from<br />
external view. But how do you go about<br />
securing a previously unknown device or<br />
application that you wish to keep on the<br />
network? Well, it will all depend on what<br />
you've found and the nature of the data<br />
it stores or processes, but there is one<br />
standard thing you should be checking as<br />
a matter of course. One of the easiest<br />
things you can do to improve security of<br />
a previously unknown device or<br />
application on your network is to make<br />
sure you have up-to-date versions of<br />
software where possible. If a device or<br />
application is running on an old version<br />
of software, then it is highly likely there<br />
will be security flaws present. Attackers<br />
are all too aware of the security<br />
vulnerabilities within unpatched software,<br />
meaning these could be potentially used<br />
to gain entry to a network and to<br />
ultimately exploit your organisation.<br />
STARTING WITH A CLEAN HOUSE<br />
There is no doubting that the coronavirus<br />
situation has been terrible. As businesses<br />
and as a society, we are likely to face<br />
more turbulence as we ease back towards<br />
normality, however that normal may look.<br />
But before the stresses, strains and<br />
busyness of this new 'normal' take over,<br />
I would argue that now is the perfect<br />
opportunity to step back, to take a look<br />
at some of the jobs we've always put off<br />
and to prepare our organisations for<br />
better times ahead.<br />
Gaining a full understanding of your IT<br />
estate should be considered one of these<br />
vital jobs and, as a company, we've seen<br />
first-hand that it's a job that many<br />
organisations have put off over the years.<br />
Yes, you want to be doing something<br />
more exciting, but it's not as painful as<br />
you may think; we do all the leg work for<br />
our clients. And, unless you know what<br />
you have and what the risks are, you<br />
won't be able to gain the peace of mind<br />
that your network is as secure as possible.<br />
www.computingsecurity.co.uk @<strong>CS</strong>MagAndAwards <strong>Nov</strong>/<strong>Dec</strong> <strong>2020</strong> computing security<br />
17