IT departments may have a dedicated information security team or engineer whose primary responsibility is security, but each and every sys admin of any system on the network shares the responsibility for properly configuring and securing the systems in their charge. Network security software is a great tool to assist sys admins with locking down their systems and should be used whenever possible to make sure nothing is missed and that all systems are consistently secured.
Each type of system will have its own unique requirements, but there are several areas of security that will be common across all systems. It’s these common areas that make up the five critical security concerns that every sys admin should check, and ensuring you are familiar with them is a great first step towards that goal.
1. Default Settings
Default settings are a major concern when it comes to securing resources. Many vendors opt to configure their products for ease of use, so that customers can get up and running quickly. Default settings may be more open. Default passwords are well known and easily discovered online. Good network security software will have a database of default settings and credentials, and can be used to scan a single system or the entire network to find any systems running with default settings.
The quickest way to compromise a network is to find an unpatched system. Default settings can be locked down and require only a one-time effort; patching is a continuous and ongoing task that many sys admins let slip. Using a network security software application to scan for unpatched systems is a fast way to find a hole to exploit, or an easy way to find systems needing remediation (it just depends on which side you play, offence or defense.)
Even fully patched systems that are well secured from their defaults can fall when infected with malware. Network security scanners can also check your systems to ensure that antivirus software is installed, configured and running. Antivirus software should be on 100% of your systems and is your best defense against malware.
Making sure that firewalls are properly configured to only allow what is explicitly required, and that systems are only running required and authorized services, are both major aspects of securing from the network’s perspective. Network security software can scan systems to identify open ports on the firewall, or running services on the system, so you can validate any and all are appropriate for your environment.
5. Rights and Permissions
No one has ever lost their job because they assigned too few rights, but assigning too many can be a career-limiting action. Network security software can scan for open shares, enumerate their contents and ACLs, and provide you with a list of everything that users can get to over the network. Validating that shares are properly secured helps to ensure that no one is accessing data they shouldn’t, and is the fifth critical security concern for any sys admin.
Keeping systems secure is just one part of a sys admin’s duties, but it is a critical part. Network security software can make this task easy and manageable, and can help to ensure nothing is missed. Implement network security software in your environment and then use it regularly to ensure that your systems are secure.
This guest post was provided by Casper Manes on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. Read more on why your organization needs a network security scanner: http://www.gfi.com/network-security-vulnerability-scanner/
All product and company names herein may be trademarks of their respective owners.