How to Ensure Your Network is Accessible, Not Vulnerable
The network is both an asset and a liability.
While the network allows access to data and applications, it is also a source of vulnerability. Data is especially vulnerable to attack while in transit through the network. Protecting the network has become more challenging as IT environments become more distributed and endpoints proliferate, especially during this time of remote work.
By undergoing a hardening assessment, companies can ensure their network is accessible to authorized users while being protected from bad actors.
Where Companies Are Going Wrong With Network Security
Unfortunately, companies often purchase and deploy technology based on its functionality instead of its security. This focus on functions and features results in configurations that overlook critical security settings, leaving a company’s network vulnerable to a cyberattack. Once a threat has breached the network, it can move laterally across the entire system.
It’s important for a company to strike the right balance between operability and security. Only when both requirements are satisfied will companies get the desired value and capabilities from their network infrastructure without taking on unacceptable levels of risk.
Network access must be controlled for security reasons while allowing authorized users access to the information and applications they need as employees, customers, and clients.
What Is a Network Hardening Assessment?
A network hardening assessment can determine if your company is doing enough to protect the network. The hardening assessment evaluates the network infrastructure configuration, including switches, routers, wireless LAN, and firewalls.
These aspects of the infrastructure are typically compared against industry benchmarks for each device type to ensure the devices are appropriately secure and to minimize exposures that can place the company at risk for a breach.
At GMI, we use the Center for Internet Security® (CIS) benchmarks. The CIS produces community-sourced best-practice guidance that prioritizes actions to encourage greater use of good security practices.
What You Want From a Network Hardening Assessment
During a hardening assessment, a team of network security experts will assess your network configuration using the CIS benchmarks for the device type to identify security gaps created by configuration and patching weaknesses. The assessment should result in a report of priorities for remediation.
While the report should enable self-remediation, the right technology partner can also be contracted to implement the needed changes. The outcomes of the assessment should also provide your company with best-practice configurations for your network devices so you can follow them going forward.
Getting the Most From Your Hardening Assessment
There are two guidelines you should follow when pursuing a network hardening assessment:
- Choose the Right Partner. As a secure technology solutions provider, GMI is deeply experienced in both networking and security. The GMI team carries many security certifications and is a Cisco-certified security solution provider. As a CIS SecureSuite® member, we ensure network devices are appropriately secured to nothing short of community-driven best practices.
- Maximize the Results. Obviously, follow the guidance of the report (or get someone like GMI to help you) to minimize weaknesses in your network configurations and strike the right balance of features and security. Use the report to aid in building secure configuration templates, allowing for standardized, quick, secure deployment of new devices into your environment. A network hardening assessment not only optimizes your network now, but it provides guidance that allows you to keep it that way.
We're Here to Help
Has your company found the balance between accessibility and security? Contact us to learn more about how a Network Hardening Assessment can improve your network from the experts at GMI.
Bret Filipek
With more than 25 years in IT, Bret Filipek is a seasoned pro. He's worn such titles as Systems Engineer, Network Engineer, Security Engineer, Network Operations and Engineer Manager, and IT Director. His experience includes working with the largest hosting provider, the largest financial transaction processor, and small non-profits as well. When he isn't helping organizations solve IT challenges, he can be found hiking and making the most of the scenic Arizona outdoors.