By Stephen Smith and Ron Allen, D/A Central, Inc.
The days of allowing a network to operate in an open environment are over. Increased cyber security threats now mean that companies have to lock down and monitor their ports, while simultaneously monitoring traffic on their network.
Today, businesses have two perimeters to protect: the physical perimeter of their building and their digital perimeter. But how do you protect the digital perimeter? Threats from outside sources, sometimes located in foreign countries, and threats from within your network mean that it’s no longer enough to just add a password to each device located on a network.
Any business with a network switch, NVR, surveillance camera or access control system connected to their network is vulnerable to an outside or inside attack vector. An intelligent, managed switch, which can send a notification if the network is being tampered with, can provide valuable protection. A managed switch can also lessen exposure to internal and external attacks by enabling the network to be segmented, which provides potential attackers with less surface area to attack.
Networks are vulnerable from both the inside and the outside. If smart switch technology is not properly programmed to the smallest segments possible, a virus can run rampant across a network and infect an entire company’s data file system.
Unfortunately, this wasn’t the case for one local college, where a student broke into the school’s grading system through the campus’s surveillance system. To further complicate matters, the network hack didn’t take place remotely, but rather on campus itself.
How can businesses of all types protect their network? The first step is to invest in smart switches for your networked devices, not unmanaged switches. A smart switch costs more money, but provides greater protection when implemented properly.
An unmanaged switch switches data packets. Typically this is a group of ports that broadcasts all traffic across all ports and does not differentiate between packet or port type. A smart switch, on the other hand, differentiates between ports. When programmed correctly by a highly trained, IT-certified security integrator, it only allows certain types of traffic to talk to each other or a certain grouping of ports to talk to each other. Companies can ensure a more secure network by investing in technology that manages the communication between ports, logical segments and other switches.
Companies can also improve their network security by segmenting their networks rather than deploying a system on a flat network. With a segmented network, companies can lock down their HVAC system, for example, so that it is located on its own VLAN (Virtual Local Area Network) and then locate the security system on another VLAN. This makes it possible to institute access control rulesets between the two segments to ensure that an attack vector cannot propagate itself across the entire network.
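The sketch below is an added example, not something from the original article or from any switch vendor: it models how a first-match, default-deny ruleset between an HVAC VLAN and a security VLAN decides individual flows, and audits the ruleset for wildcard permits. The subnets, VLAN numbers, the extra "office" segment, the rules and the function names are all constructed assumptions.

```python
import ipaddress

# Constructed addressing plan (assumption): one subnet per VLAN.
VLANS = {
    "hvac": ipaddress.ip_network("10.10.20.0/24"),      # VLAN 20
    "security": ipaddress.ip_network("10.10.30.0/24"),  # VLAN 30
    "office": ipaddress.ip_network("10.10.40.0/24"),    # VLAN 40
}

# Inter-VLAN ruleset, first match wins: (action, src segment, dst segment, proto, dst port).
# "any" is a wildcard. Anything not matched falls through to the implicit deny.
RULES = [
    ("permit", "office", "security", "tcp", 443),   # operators reach the NVR web UI
    ("permit", "office", "hvac", "tcp", 443),       # facilities reach the HVAC controller
    ("deny", "hvac", "security", "any", "any"),     # explicit: HVAC never talks to security
    ("deny", "security", "hvac", "any", "any"),
]

def segment_of(ip):
    """Return the VLAN name that owns an address, or None if it is outside the plan."""
    addr = ipaddress.ip_address(ip)
    for name, net in VLANS.items():
        if addr in net:
            return name
    return None

def evaluate(src_ip, dst_ip, proto, port, rules=RULES):
    """Decide a flow the way a first-match ACL with default deny would."""
    src, dst = segment_of(src_ip), segment_of(dst_ip)
    if src is None or dst is None:
        return "deny"            # unknown segment: fail closed
    if src == dst:
        return "permit"          # same VLAN: switched locally, never reaches the ACL
    for action, r_src, r_dst, r_proto, r_port in rules:
        if (r_src in (src, "any") and r_dst in (dst, "any")
                and r_proto in (proto, "any") and r_port in (port, "any")):
            return action
    return "deny"                # implicit deny at end of ruleset

def audit(rules=RULES):
    """Flag permit rules with a wildcard segment; they flatten the network again."""
    return [r for r in rules if r[0] == "permit" and "any" in (r[1], r[2])]

if __name__ == "__main__":
    for flow in [("10.10.40.15", "10.10.30.5", "tcp", 443),   # office -> NVR
                 ("10.10.20.7", "10.10.30.5", "tcp", 443),    # HVAC -> NVR
                 ("10.10.30.9", "10.10.40.15", "tcp", 445)]:  # camera -> office PC
        print(flow, "->", evaluate(*flow))
```

The same-VLAN branch shows the limit of this control: devices that share a segment are not separated by the ruleset, which is why the segments should be kept as small as possible.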
Business owners need to remember that protecting their business today needs to go beyond protecting their building, the people inside it and their assets. Protecting data and the network is as critical a component of security, and it’s important to make sure you are using highly qualified security integrators for network-centric deployments.