Zero Trust Security

Just One Crack

By Michael Oldham

Just one crack. That’s all a hacker needs to find to cripple your organization. 

That may sound a bit dramatic, but all you need to do is look at the headlines to see that it’s happening. It doesn’t matter how much money you’re spending or what name-brand security company you’re using; if you are like most other organizations out there, you’re potentially vulnerable.  

Here’s why:

Almost all the attacks we see out there are designed for one task – to get inside your organization. While this sounds obvious, there’s a strong rationale behind it.  Once hackers get past the perimeter of the outside network, there’s little or no protection to keep them from achieving their insidious goals. That’s because most organizations’ defenses are still set up like a castle and moat defense – hard on the outside, but soft and gooey on the inside.  Get past the shell and it is game over.

Today’s attacks, such as the SolarWinds breach, are still after the same targets; hackers are just taking novel approaches to achieve the same goals. Stolen credentials, phishing attempts, business email compromise (BEC), exploitation of remote access vulnerabilities through VPNs, RDP and other solutions, brute force or dictionary attacks – regardless of the type of attack, the goal is universal: Get a foothold inside your infrastructure to do wider damage.

Once hackers get that foothold, there is very little that can be done to stop them from taking or locking up whatever they want. That’s because most organizations are NOT set up to block an attacker who is already inside their information systems. There is little to no protection once an attacker is inside your infrastructure. Even if the hackers don’t have permissions to gain access to everything, once inside, it’s even easier to find the people who do have those permissions and find ways to fool them – by leveraging other user accounts to introduce malware and steal their credentials, for instance. Most organizations are helpless if a hacker has valid credentials and is inside their network.

So, what do you do to stop this?

Three things. 

First, put in multi-factor authentication (MFA). Period. This is the baseline to significantly prevent your accounts from being taken over. MFA makes it much harder for hackers to get inside your infrastructure by stealing, guessing or buying credentials. Even better, use multiple factors of authentication, which could include device validation, certificate checks, Geo IP intelligence, etc.

Second, close as many exposure points as possible to the outside world. That means closing ports across your legacy infrastructure that have been opened for cloud, web services, Shadow IT and other applications – some that you may not even be aware of. 

Every open port is another point of attack that hackers will gleefully exploit. Think about it: each solution – such as VPN, RDP, MDM, Web Servers and even cloud services or infrastructure – opens wide another door for attackers to walk on through. The more open ports you have, the more your exposure increases. And your already overwhelmed IT team fights an often losing battle as they just try to keep up with managing, maintaining, patching and installing updates for all those various solutions. 

Failure to do so on even one product increases your exposure dramatically.  And honestly, what IT team today can keep up with all that patching and do it on a timely basis? That presents a huge risk to your business. Closing ports to better secure your organization has a real, direct, significant business benefit.
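One way to find the open ports you may not be aware of is to compare a host's listening sockets against an approved inventory. The sketch below is an added example, not part of the original article; the sample rows are constructed in the column layout of `ss -tlnH`, and the approved port set is a hypothetical inventory.

```python
import ipaddress

# Constructed sample in the column layout of `ss -tlnH` (not from a real host).
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 511 0.0.0.0:443 0.0.0.0:*
LISTEN 0 128 0.0.0.0:3389 0.0.0.0:*
LISTEN 0 128 [::]:8080 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
"""

# Hypothetical inventory: ports that are meant to be reachable from off-host.
APPROVED_PORTS = {443}


def parse_listeners(text):
    """Yield (address, port) for every LISTEN row in ss-style output."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
        if host == "*":                        # ss prints * for a wildcard bind
            host = "::"
        yield ipaddress.ip_address(host), int(port)


def unapproved_exposed_ports(text, approved):
    """Ports bound to a non-loopback address that are not in the inventory."""
    exposed = {port for addr, port in parse_listeners(text)
               if not addr.is_loopback}
    return sorted(exposed - set(approved))


if __name__ == "__main__":
    for port in unapproved_exposed_ports(SAMPLE_SS_OUTPUT, APPROVED_PORTS):
        print(f"listener on port {port} is not in the approved inventory")
```

Loopback-only listeners (5432 and 631 in the sample) are ignored because they are not reachable from other hosts.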

Third, introduce segmentation inside your infrastructure. Everyone is committed to keeping hackers out, but the truth is they still get in, or you may even be attacked by an internal member of your organization. If you are breached, the segmentation of resources limits the damage anyone can do inside your infrastructure. 

Segmentation prevents bad actors from pivoting once they are inside and prevents them from gaining access to other parts of your infrastructure, where they can steal or lock up data. With segmentation, those compartmentalized resources aren’t accessible without proper authentication (see the first and second steps above). 

For example, if someone steals a user’s credentials, they only get access to what those credentials were authorized for. If you’ve combined those credentials with a multi-factor authentication plus device validation, they shouldn’t be able to even get into your infrastructure in the first place.

Another benefit of segmentation is that it doesn’t have to just be at the network level. Segmentation can be done at the resource level through intelligent policies that provide access to resources only under specific circumstances.
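The resource-level policy described above, combined with the MFA and device validation from the first step, can be sketched as a default-deny check. This is an added example, not code from the original article; the users, resources and authorization map are hypothetical.

```python
# Hypothetical segment map: the resources each identity is authorized for.
AUTHORIZED = {
    "alice": {"payroll-db"},
    "bob": {"build-server", "wiki"},
}
ALL_RESOURCES = sorted(set().union(*AUTHORIZED.values()))


def evaluate(user, resource, *, password_ok, mfa_ok, device_trusted):
    """Return (allowed, reason). Default deny: every condition must hold."""
    if not password_ok:
        return False, "bad credentials"
    if not mfa_ok:
        return False, "second factor missing"
    if not device_trusted:
        return False, "device not validated"
    if resource not in AUTHORIZED.get(user, set()):
        return False, "resource outside user's segment"
    return True, "ok"


def reachable(user, *, password_ok, mfa_ok, device_trusted):
    """Everything a session in this state can reach: its damage limit."""
    return [r for r in ALL_RESOURCES
            if evaluate(user, r, password_ok=password_ok, mfa_ok=mfa_ok,
                        device_trusted=device_trusted)[0]]


if __name__ == "__main__":
    # Stolen password only: no second factor, unknown device.
    print(reachable("bob", password_ok=True, mfa_ok=False,
                    device_trusted=False))
    # Fully authenticated session: limited to bob's own segment.
    print(reachable("bob", password_ok=True, mfa_ok=True,
                    device_trusted=True))
```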

Implementing any of these three tactics will ensure a much greater level of security and minimize risk for your organization. If this all sounds like too high of a mountain for you to climb, it’s not.  I’ll be happy to show how you can ascend to the peak of security quickly and cost effectively.