IT organizations are enabling remote workforces rapidly, to maintain business continuity and productivity and protect businesses and employees. However, this initiative will create new security risks and threats.
IT leaders know they can’t simply open up their IT infrastructure for remote access without creating and enforcing security policies and controls. As remote workers use more devices and their own Wi-Fi connections to access the network, security risks grow. Bad actors are already seeking to take advantage of these massive changes, which is why IT organizations need to move proactively to safeguard systems, enforce access controls, and identify and resolve high-priority risks and threats.
While all industries need to strengthen security now, chief among them are tightly regulated industries where workers handle sensitive data such as financial services, healthcare and retail. Also having a pressing need to ensure IT system security, are those groups where workers require access to sensitive data to perform mission-critical assignments, such as military and other government agencies.
IT and information security leaders, as well as networking staff, can start to boost security by driving awareness about the following common risks that all organizations face:
- Use of default credentials on deployed infrastructure which significantly increases risks (and violates the California IoT Security Law)
- Outdated firmware versions on IT devices with known security vulnerabilities
- Legacy technology that is not compliant with modern security protocols and encryption standards
- Self-signed or expired security certificates in management appliances
- Users with excessive access privileges that bad actors could exploit
- User accounts that are proliferating due to ineffective or minimal controls
- Lack of visibility into user activities that could negatively impact IT infrastructure
- Little or no standardized configuration management.
When moving on to risk mitigation, IT and information security leaders should consider the following best practices:
Leaders can tighten control of IT systems by creating an out-of-band (OOB) management network that is separate from the production network, and then block direct network access to OOB devices. Additionally, removing the guesswork from network configuration can further enhance security which is why IT leaders should automate and standardize deployment of tested and approved configurations.
When a security breach does occur, taking quick action to resolve the problem is paramount. By enabling logging at various levels to capture and retain user activities, it becomes easier for IT teams to identify the source of the breach and make the system changes necessary to avoid a similar occurrence.
Firmware, Protocols, and Standards
When it comes to establishing security standards, IT leaders need to ensure use of the latest security protocols and encryption algorithms while applying strict security profiles to lock down access to their OOB solution.
Addressing known security vulnerabilities also means ensuring IT devices are updated with the latest firmware, all default credentials on IT systems are changed, and only certificate-authority-signed certificates are being used. All certificates should be rotated frequently.
Centralized Management Platform
Enforcing the use of central management software as the single-entry point into your OOB network is ideal for improved security and control. Beyond software, IT leaders should ensure that the following hardware assets are part of a remote management strategy: service processors, virtual infrastructure, network and storage devices, rack power distribution units (rPDUs), uninterruptible power supply (UPS) units, or any IP addressable device.
Of course, only using approved external and multifactor authentication systems helps to boost security, but reducing the possibility of human error is also essential for safeguarding IT systems. IT leaders should limit which devices users can manage and restrict the operations users can perform on devices. Also, having an intuitive interface for day-to-day IT operations makes mistakes less likely to occur, especially those mistakes that can lead to costly downtime.
Unfortunately, human error is inevitable and there could be other external factors that can impact IT system performance. This is why leaders should ensure they are receiving alerts based on equipment status such as disconnection from network, abnormal state, equipment failure, or unauthorized user activity. These issues will also be easier to address if there is local console access to network and storage devices, especially in edge locations.
Whatever the current status is for your network security, the Vertiv team of experts can help. We regularly work with customers, offering varying levels of support, to strengthen their overall security posture by addressing commonly overlooked vulnerabilities and enforcing secure, authorized access to systems.