Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Plugging network leaks

Michael Markulec, president and chief technology officer, Lumeta | June 4, 2013
Plugging network security leaks is an essential responsibility for companies, private organizations and technology professionals. Achieving that goal requires discovery tools that scour every asset, including those not currently under management, and also map connectivity between institutions involved with an organization's sensitive information around IT compliance, corporate security, product development, critical infrastructure protection and other relevant issues.

Plugging network security leaks is an essential responsibility for companies, private organizations and technology professionals. Achieving that goal requires discovery tools that scour every asset, including those not currently under management, and also map connectivity between institutions involved with an organization's sensitive information around IT compliance, corporate security, product development, critical infrastructure protection and other relevant issues.

Identifying potential vulnerabilities — starting with an emphasis on data leak prevention — is the only effective way to isolate and eliminate threats, which range from the use of malicious software and accidents to coordinated attacks by hackers and cybercriminals. Eliminating these leaks can often mean the difference between safety and massive data breaches, where businesses lose tens of millions of dollars and compromise confidential material.

Again, visibility into every host, node, network connection and form of intellectual property is critical, and most existing options do not provide this level of visibility. Performing an active probe and mapping everything on a network (rather than summarily scanning a range of things which is a more typical approach) provides you with a comprehensive overview of an entire routed infrastructure (including "stealth" assets such as hidden devices that do not respond to queries) so you can easily spot — and fix — leaks before they become serious problems.

However, the challenge is twofold: Once you have plugged the leaks, you need to find a service that fills the gap in existing network, security and risk management processes. Meeting this challenge enables IT experts and support staff to balance compliance and change, maintain service and availability, strengthen security and save money.

The benefits of meeting this second challenge are that it validates policies across a company's enterprise, enhancing productivity and minimizing the risks (inadvertent or otherwise) that can weaken an organization. This capability has added urgency with today's mobile workforce, where employees use smartphones and tablets to transmit data, exchange information and connect with multiple networks from remote locations.

Types of discovery
For leak discovery, it is crucial to reveal unauthorized connections between a network and another network, subnet or the Internet, because companies need to know whether access is outbound, inbound or both. Leak discovery highlights unknown connections to other organizations — like legacy divestiture connectivity — or to the Internet. Coupled with service discovery, which identifies Web services, wireless access points and IP applications on hosts and devices (including those not owned by a company or its employees), there is now a thorough means of locating forms of data leakage. This type of discovery testing establishes a default set of potentially vulnerable ports, which can be changed or augmented by the user.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.