Protecting Business Networks By Using Network Segmentation

With the consumerization in IT nowadays; the various mobilization and connectivity of devices as well as the explosion of a number of Web based applications, it has driven many of us to use the Internet and related technologies in ways different than before. These innovative trends in technologies have made businesses grow more competitive and increase their productivity so that they could also create new opportunities for the global market. This has also dramatically changed how business networks work nowadays; companies have pushed well beyond their old boundaries all with regard to the output and the speed. Unfortunately, the security infrastructure of networks, security methods like penetration testing and security tools haven’t evolved together with the changing business networks.

Most of the time security administrators are forced to make a trade between the things they can and cannot accomplish, especially when it regards to the control and monitoring of new company network services. With the little visibility they have and the input of new services that are delivered to the systems it could led to possible negative effects to the system. Fortunately, there is a solution that can provide better foundation needed to protect the dynamic changes in the network structure and the services they have and it is network segmentation.

Network segmentation is complex procedure, but its basics are pretty straightforward. We could say that it is a process of logically putting network assets, applications and resources in groups. When it comes to introducing network segmentation into the system there are 4 key factors that have to be taken into consideration first.

Gaining Visibility

The first thing to consider is gaining visibility in the network. If the network administrators do not understand or recognize the traffic profiles on a proposed segment when it comes to inbound or outbound communication, then the access controls that have been implemented will all end as failures. It is important to understand how the segmented network is exactly used. Administrators will find themselves finding a connection on what they believe is occurring and what is indeed occurring on the system.

Protect Inbound or Outbound Communication and Resource Requests

Security has been always the primary goal of security administrators. If they do not have the knowledge, skill, tools, training like penetration testing training or other security training and the ability to protect the resources of a segment, then that goal won’t be met. Simple controls aren’t enough, administrators must have the ability to detect any possible threat and do instant action against it.

Implementing Granular Controls on the Traffic, the Users and the Assets

All of the data that will be going in and out of the segment must be controlled. If the security administrators have implemented protection, then the next thing to implement is the communication policy of the organization. Even if there is an understanding regarding the communication taking place with a certain segment and from a source coming from the outside, there should be controls that have to be implemented. It is a 2 step process, first is detective controls and the second is the preventive controls. This way the administrator can identify and investigate unexpected traffic and prevent them if they are found to be malicious.

Denying Inter-Segment Communications

When there is visibility, protected communications and implementation of access policy, the last thing to do is denying all inter-segment traffic. When the policy is implemented, the segment will be separated from the network and that unit will be able to operate on its own.

Any approach towards network segmentations must follow the four steps; however, administrators must focus on one segment at a time for better results. They should begin with areas, which are easily segmented. At the start, implementing the four steps in the few segments will be difficult, but in the long run, the rewards of limiting the areas of risks and compromise by segmenting each areas and putting controls on them will be worth the trouble. In fact, if the security administrators will perform security audits or pen test, the segmented areas easily addressed.

The changing technological innovations continue to drive businesses forward – pushing the scale, scope and performances of their networks. Companies has to be ready at all times, having a security approach that provides visibility, understanding as well as controls in order to protect their dynamic networks.

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce. It is the owner and developer of 20 security certifications. EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. These certifications are recognized worldwide and have received endorsements from various government agencies. They also offer trainings in penetration testing.

More information about EC-Council is available at www.eccouncil.org.

Increasing Dangers of Cybercrime

Companies should stop telling themselves that their network security systems are enough against any cyber threats looming in the Internet’s horizon nowadays. In fact, they should stop waiting for these threats to happen in their systems before they take any action against it. The risk of these cyber crimes isn’t a laughing matter and imminent doom is the only thing that awaits irresponsible and reckless companies.

Because of the constant change in our world today, the threats in the network systems of companies are further evolving and it may come from any kind of vector – mobile phones person to person networks, social media, Emails, web applications and so much more. To make matters worse, the security defenses and methods the companies employ like the regular penetration testing and anti virus software is being left behind. The technologies and skills these cyber criminals employ are sometimes far more superior than any other IT experts working as security administrators in different companies.

Due to their superiority when it comes to skill and tools used in hacking, creating sophisticated codes for malware, spear phishing and bot nets, committing cyber crime nowadays is as easy as pie. As a matter of fact, some cyber criminals don’t even need to lift a finger to do a thing; everything he wants to be done will be accomplished by the software he an unwilling victim downloads.

Aside from that, cyber criminals who are expert in writing different sophisticated software used in cyber crimes can even sell their software on a certain price to other criminals who lack the sophistication, skills and knowledge to make their own code. Thus, anyone who wants to hack a certain establishment will be able to use sophisticated software to accomplish everything he needs to be accomplished. The best example of sophisticated malware that is being sold in the Internet nowadays is the ZeuS malware. This dangerous malware is highly sophisticated and can be programmed to do different task depending on the type of attack a ZeuS user may want; ZeuS can also be used in building a much potent threat – bot nets.

Many security experts are getting more and more concerned about the evolution of cyber crime. Furthermore, the integration of these cyber crimes into an organized crime has created a greater scope of threat in many industries today. Criminals in cyber underground can share the sensitive information they have or work together to build a team to take down the tough security systems of some company. It’s an A-team of criminals adept in making codes, decrypting encrypted files, intelligence gathering deploying malware and scanning company systems for vulnerabilities they can exploit.

Nowadays, cybercrime has become a profession to some individuals and the levels of professionalism they have can be amazing. Potential clients will approach cyber criminals in these underground forums where clients can hire them to initiate attacks to specific targets – of course on a certain price. They will pay these crooks to launch DDoS attacks, steal or destroy sensitive information or others. But before clients hire these crooks, clients would often ask them to show their skills and how good they are in their trade.

Still, not all cyber criminals assemble teams to work together for a single purpose; individual cyber criminals can work on their own because of their bot nets. And what motivates them in making these crimes is the cash they could acquire from different companies like banks and other financial institutions. But some of those criminals aren’t focusing on financial institutions only; why would they hack on banking networks where there are securities that are tough to break or circumvent. They would rather hack the networks of some large scale businesses and institutions like restaurants, universities and hospitals. They can still get the needed information of their target without having to face difficult security systems.

These threats aren’t only used in stealing or making profit from different companies, sometimes these threats are used in attacking different governments. Espionage has become easy because of the Internet; any country could steal important information or make any destabilization plots against the target country.

Indeed, whether it is the government or other private industries, it is important to strengthen their defenses against cybercrimes. They should explore the vulnerabilities of their systems which can be exploited; it is easy to identify the vulnerabilities of network by completing a simple pen test. It can only be done by an expert in network security who has completed penetration testing training.

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce. It is the owner and developer of 20 security certifications. EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. These certifications are recognized worldwide and have received endorsements from various government agencies. They also offer trainings in penetration testing.

More information about EC-Council is available at www.eccouncil.org.