Tag: Network security

BYOD

BYOD: Bring Your Own Device:

A phrase that has become widely adopted to refer to mobile workers bringing their own mobile devices, such as smartphones, laptops and PDAs, into the workplace for use and connectivity. Today, many consumers expect to be able to use personal smartphones and mobile devices at work, which is an IT concern. Many corporations that allow employees to use their own mobile devices at work implement a “BYOD policy” to help IT better manage these devices and ensure network security.

I think BYOD (Bring Your Own Device) is a great idea. It’s an excellent way to save money and to give employees what they want: device freedom.

The reality is that companies must find ways to decrease overhead without sacrificing product quality. They must increase profitability to attract investment money to continue to grow, to innovate and to explore. One significant way to do that is to allow employees to bring their own devices (laptops, smart phones, tablets) to work and use them.

There are both advantages and drawbacks to this kind of policy. In order for it to be feasible, employees must agree that lost or stolen devices can be remotely wiped (with software such as Computrace and Computrace Mobile).

Advantages of a BYOD policy:

  • Reduces IT hardware costs
  • Enables staff to work from anywhere
  • Increases feasibility of remote staff
  • Employees can meet their own demands for the most up-to-date device
  • Employees are more productive using devices with which they’re comfortable.

Drawbacks of a BYOD policy:

  • It’s difficult to make sure all employee devices have been registered and updated with remote-wiping software
  • Increased risk for introducing malware to the corporate network
  • Network access must be revoked when no longer applicable.

Rather than dismiss a BYOD policy because of the drawbacks, IT can develop a policy to help mitigate the risks.

The VMware Company is in the process of launching Horizon Mobile, software that allows you to run both business and personal phones from one handset.

This means that should the phone be lost, or the employee leave, any company data on the phone can be remotely wiped. The work phone can also be switched off, leaving the personal phone still connected.

The trend is powered not only by the growth in mobile devices, but by cloud computing, with companies able to buy ready-to-go virtual desktops.

IT managers on BYOD:

  • 52% accept some form of network access
  • 64% believe it is too risky to allow personal devices to be integrated
  • 49% believe the future of their organisation requires integration
  • 50% believe it can increase productivity
  • 82% have a policy in place regarding the use of personal devices at work.

Firewall

A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in hardware, in software, or in a combination of both, and are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets.

Types of firewall techniques:

  • Packet filter: Each packet entering or leaving the network is checked and, based on user-defined rules, is either accepted or rejected. It is fairly effective and transparent to users, but it is difficult to configure and is susceptible to IP spoofing.
  • Application gateway: Security mechanisms are applied to specific applications, such as FTP and Telnet servers. Although this is very effective, it can degrade performance.
  • Circuit-level gateway: Security mechanisms are applied when a TCP or UDP connection is established. Once the connection is established, packets can flow between the hosts without further checking.
  • Proxy server: All messages entering and leaving the network are intercepted, and the true network addresses are kept effectively hidden by the proxy server.

Principle of a Firewall:

A firewall system consists of a set of predefined rules that allow the system to:

  • Authorise the connection (allow)
  • Block the connection (deny)
  • Reject the connection request without informing the issuer (drop)

Firewall Management Best Practices:

  • Don’t assume that the firewall is the answer to all your network security needs.
  • Deny all traffic by default and allow only what is needed, rather than the other way around (allowing everything and blocking only the known vulnerable ports).
  • Limit the number of applications (antivirus, VPN, authentication software) running on your host-based firewalls to maximize the available CPU cycles and network throughput.
  • Run the firewall services under a unique ID rather than a generic root/admin ID.
  • Follow good password practices:
      – Change the default admin or root passwords before connecting the firewall to the internet
      – Use a long, complex passphrase that is difficult to crack and easy to remember
      – Change the passwords once every 6 months and whenever they are suspected to be compromised

  • Use features like stateful inspection, proxies and application level inspections if available in the firewalls.
  • Physical Access to the firewall should be controlled.
  • Keep the configurations simple, eliminate unneeded and redundant rules.
  • Audit the firewall rule base regularly.
  • Perform regular security tests on your firewalls for new exploits and changes in rules, and test with the firewall disabled to determine how vulnerable you will be in case of firewall failure.
  • Enable firewall logging and alerting.
  • Use a secure remote syslog server that makes log modification and manipulation difficult for an attacker.
  • Consider outsourcing firewall management to a managed service provider to leverage their expertise, trend analysis and intelligence.
  • Have a strong change management process to control changes to firewalls.
  • Try to have personal firewalls/intrusion prevention software, as the network firewalls can be easily circumvented when connected through devices like USB modems, ADSL links, etc.
  • Back up the firewall rule base regularly and keep the backups offsite.
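
The allow/deny/drop principle and the advice to default to deny, remove redundant rules and audit the rule base can be shown together in a small first-match packet filter. This is an added example, not code from the original post; the `Rule` fields, the `decide` and `audit` helpers and the sample rule base are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str   # "allow", "deny" (block) or "drop" (reject without informing the issuer)
    src: str      # source network in CIDR form (IPv4 in this example)
    proto: str    # "tcp", "udp" or "any"
    ports: tuple  # inclusive destination port range (low, high)

    def matches(self, src_ip, proto, dport):
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and self.proto in ("any", proto)
                and self.ports[0] <= dport <= self.ports[1])

    def covers(self, other):
        """True if every packet matched by `other` is also matched by this rule."""
        return (ipaddress.ip_network(other.src).subnet_of(ipaddress.ip_network(self.src))
                and self.proto in ("any", other.proto)
                and self.ports[0] <= other.ports[0] and other.ports[1] <= self.ports[1])

def decide(rules, src_ip, proto, dport, default="drop"):
    """First matching rule wins; traffic no rule matches gets the default (default deny)."""
    for rule in rules:
        if rule.matches(src_ip, proto, dport):
            return rule.action
    return default

def audit(rules):
    """Return (rule_index, earlier_index, kind) for rules that can never fire."""
    findings = []
    for i, rule in enumerate(rules):
        for j in range(i):
            if rules[j].covers(rule):  # an earlier rule already catches all of its traffic
                kind = "redundant" if rules[j].action == rule.action else "shadowed"
                findings.append((i, j, kind))
                break
    return findings

# Constructed sample rule base (private and documentation address ranges only).
RULES = [
    Rule("allow", "10.0.0.0/8", "tcp", (443, 443)),   # intranet HTTPS
    Rule("deny", "10.0.0.0/8", "tcp", (20, 23)),      # FTP, SSH and Telnet blocked
    Rule("allow", "10.1.0.0/16", "tcp", (22, 22)),    # never fires: rule 1 matches first
    Rule("allow", "10.2.0.0/16", "tcp", (443, 443)),  # never fires: rule 0 already allows it
]

if __name__ == "__main__":
    print(decide(RULES, "10.1.2.3", "tcp", 22), audit(RULES))
```

The audit only flags a rule that a single earlier rule fully covers; a rule made unreachable by several earlier rules combined needs a set-based comparison.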