Good network security is about being able to say you trust the systems that access your network and the applications within it. This level of security, for any organization, is a serious undertaking and, like an insurance premium, a necessary item on the list of things that have to be assessed and prioritised.
If you follow the media, hardly a week goes by without a scare story about a hack or high profile security breach. The media loves to report on the kind of “David verses Goliath” battles that IT security now seem to throw up:
- An organisation being hacked by a teenager in search of kicks.
- A whistle blower trying to change policy by disclosing embarrassing information.
- Straight forward fraud or data theft.
Whether the security breach was a hack or, increasingly, social engineering- ultimately inappropriate access was gained to the network and the applications running on them. While many organisations experience security events, many of these events turn out to be benign – not every security event detected is a hack.
Trust relies on being aware of everything, as it happens.
The trick is to find a way of remaining vigilant. Separating what is and what isn’t a security problem efficiently and cheaply. Security is fundamentally about trust and authenticity which boils down to asking yourself “is everything accessing our network acceptable, and can I prove it?”. Most organisations have the basics covered:
- A firewall to protect against hackers.
- An antivirus software to protect against malware.
While this does try to keep the bad-guys out, it doesn’t completely deliver trust. Can you be sure that no one can by-pass the firewall or connect a device without anti-virus software to your network? In the steps towards building a level of trust, you must be aware of everything connected to your network. Once that is done you can figure out whether it is authentic –what it purports to be.
This has been quite difficult to do until recently. Users can authenticate, devices can have antivirus, but once a device is connected is it doing acceptable things on the network? Once you have figured definitively what the connected device is, you can decide whether you trust it.
Implement a solution that gives you full control of your network.
Rebasoft addresses these challenges with an innovative network access control solution that goes beyond the stage of authentication and continues to monitor the device in real-time for complete visibility and control- whether its users with laptops, BYODs, printers, servers or in fact any IP enabled device.
Our solution has the ability to collect and analyze information from multiple sources at the MAC, IP, device, user and application level. We can also accept inputs from other security appliance via syslog and other data sources such as asset database. This enables us to form a very detailed, almost forensic view of who is connecting to the network, from what device or devices, where they are located and what application they accessing.
Uniquely Threat Auditor uses traffic finger-printing to ensure authenticity. Where a device is assessed to be a particular type, it can be monitored as such. So a printer should look like a printer and act like a printer on the network. This fingerprinting capability allows organisations to detect masquerading or improper access to applications on the network.
For more information on how Rebasoft could help build trust in your organization’s security, just get in touch with us via our contact page.