October is National Cyber Security Month. In honor of this important topic in technology, we thought we’d chat a bit about our network management perspective on three common traps for security, risk management, and compliance:
Risk management isn’t just about business continuity and security. It is about the personal risk of IT managers when compliance and security regulations are not met. Network management software can help IT managers reduce risk throughout the corporate network while keeping their IT operations running smoothly. The first trap is when infrastructure components fail to work, leading to a failure in compliance, for example when internet connectivity is down due to a malfunctioning router and a regulatory filing misses the deadline. An effective network management solution can ensure connectivity across the enterprise’s infrastructure and communication services and can run synthetic transactions to periodically test performance and enable proactive steps when necessary.
Another frequent trap is when devices and systems are compromised, leading to compliance and security gaps. For example, if a wireless access point is tapped and company data traffic is exposed to an unauthorized external user or security privileges are changed so that unauthorized users now have access to data that they should not. In the first case, companies should make sure they have a network management solution in place that can provide visibility across all wireless access points, their status, users, connections and throughput, enabling high data flows or unauthorized attempts to log on to be tracked. Event log management software can collect, filter, analyze and alert to any such unauthorized change, or attempted changes, based on Windows Event log and Syslog records.
The third and final trap which network management software can help companies avoid is the failure of IT processes. For example, a configuration file is updated to a router with suspicious settings that redirects traffic to a malware site or application. In this case, administrators and IT managers should make sure that they have a solution in place that can automatically alert to any change that does not follow the established network policies and device configuration settings. All such changes are also captured by event log management software, thus providing comprehensive audit and pinpointing of rogue users who may be involved.
As these are all either preventable or recoverable in a short space of time as soon as the alert is known, IT managers have the responsibility to make sure that they have put the right monitoring solution in place from the outset.