We're back with the network security tip of the week. This week's tip looks at the importance of network segmentation, which has been a hot topic in recent weeks following several high-profile breaches in the news. Network segmentation is also an important aspect of PCI-DSS, where sensitive cardholder data must be separated from the rest of the network in a "PCI Zone". Michael from the US suggests the following:
In my previous post on the security policy management maturity model, we examined what an Emerging organization (level 2) looks like. Steps to automate security policy analysis and audits were implemented, but the security policy was only optimized, compliant, etc. at a point-in-time, because changes continue to introduce risk and policy bloat.
More information is coming out on the Target breach, and a key takeaway is to re-examine the importance of security zoning. It is being reported that the origin of the unauthorized access was through a third party and that, from there, the cyber-criminals moved through Target's network to the Point of Sale (POS) systems, where malware was placed to collect unencrypted card data. What's come out is that these cyber-criminals stole the login credentials of the third-party vendor, an HVAC company, which may have opened up access to far more of the network than should have been allowed, including access to an external billing system and a contract submissions portal.
Vulnerability management has always been a cornerstone of a sound information security program, but the reality is that traditional scanners uncover too many vulnerabilities for any business to adequately address. Traditional risk management practices have a very technical focus, displaying risks for servers, IP addresses, and other elements, and the challenge is that these are seldom understood by the business. With volumes of vulnerabilities throughout the network, having an effective way to understand and prioritize risk remediation efforts can have a major impact on both security and business productivity. Recent breaches at retailers like Target, Neiman Marcus and Michaels have all made front-page news, further highlighting the need for business stakeholders to be aware of and accountable for IT security risks in their business units.
Virtualization has come to the forefront as one of the biggest trends in IT over the past decade. While there are many benefits to virtualizing parts of the network, virtualization introduces new challenges; for example, inter-VM traffic can bypass inspection by traditional security devices and controls. A great thing about working in a technology company is having many technically-focused colleagues around you who can share their insights. I took advantage of this recently to sit down and discuss the impact of virtualization on network security with our own Kyle Wickert, who previously served as a Security Architect for a major bank.
In my previous post on the security policy management maturity model, we examined level 1, or the Initial level, which means you're either not managing security policies at all or are managing them at an extremely basic, fully manual level. If you took some of the tips to heart regarding policy analysis automation, then you may now be at Level 2, or what we refer to as an Emerging organization.