THE IT SECURITY PROFESSIONAL |
Barlowtek
The It security Pro
Helping Organizations Understand IT Security
&
Best Practices
One of the key aspects of network management and security is that everything on the network is configured correctly and in a secure. Unfortunately, this most often not the case and it leads to some very vulnerable networks that attackers can take advantage of. Due to the sheer number of systems and services that a Network Administrator has to manage in an enterprise these day, it is difficult to find someone (or a team) who has all of the experience and knowledge to do everything. Setup When new services are setup on a network, it usually falls on the IT Team, or specifically the Network Administrator to configure and setup the new service. Whether it is the SharePoint cluster, a new VMWare stack, or a new NAS. Someone with technical knowhow will be required to setup and configure those services correctly. Do to the complicated setup and configuration that computer networks require, technical expertise to configure. Configuring Requirements Adding new services and resources to the network environment can be difficult and time consuming in most instances. It is imperative that these are setup and configured correctly in order to take advantage of the benefits they offer the company. Technical know-how is one of the issues that some administrators have in that they may be expected to do the work on their own. Here are some other ways in which configurations may be hampered:
Human Solution Solving this problem takes multiple approaches. The first being the human factor, since this is the one part of the equation that can play a huge part in the deployment and configuration process for any new systems or resources you will want to deploy. Providing training to your staff and the technical personnel that will both deploy and maintain your systems (maintenance is the biggest part of the deployment process) so that they understand what they are responsible for. This key point is not communicated sometimes, so it is important that it be so that the correct measures may be taken. Technical Solution The technical solution is harder to factor in due to that variety and the complexity of the network setup and configuration. The focus here should be on the software or the hardware resource that is being added to the network. Technical expertise on the setup and configuration of all systems may be difficult to have, but most solution providers will provide a training program that your staff is able to take so that they understand and can configure the systems according to established best practices. "If your solution provider or manufacturer does not have this, look for one that does." Network administration is ever changing due to having to deal with new threats or risks to the environment. It is important to have a staff that understands the requirements of bringing new or maintaining older systems on the network. Threats can come from any direction, but if your IT staff have the expertise to know that to look out for, then that is at least part of the solution.
Summary Configuration vulnerabilities are everywhere and they should be addressed within your network environment. Whether it is conducting an internal audit in order to determine how specific systems were setup and initially configured, at least that would be a start. IT Security Pros will find issues with configurations when they are looking into other areas of the system and may address it with the various support personnel within your organization. Nevertheless, failure to address these issues can lead to a possible compromise of what would have been a secure network. You organization is only as strong as your weakest link, and for many companies, it is the systems that they depend on every day. Due to any of the reasons that are listed above, those systems are not setup and configured properly and that one flaw is enough for a hacker to take advantage of. A simple setting or configuration change may be all it takes to secure your corporate network.
0 Comments
|
IT Security ProSecuring the future one byte at a time! Mr. Barlow is here, staying ahead of the curve in Information Security Leadership. Ready to help your company stay safe and secure. Categories
All
Archives
January 2023
|