Today, IT teams are tasked with defending their organizations from a multitude of attacks on their systems. Yet, despite the advanced security tools designed to protect them, the strength of their security policies essentially comes down to the people and processes inside the organization. This comes in an era when many organizations find themselves short on IT staff and talent. On more than one occasion, companies have reported being completely infiltrated as a result of a misstep by a single employee or because of a short-staffed IT team.
October 2022 marks the 18th anniversary of Cybersecurity Awareness Month, which was intended by the United States government to help protect individuals from online threats to technology and data as they become more frequent. To aid in their defense, Extreme Networks remains dedicated to developing solutions that take a multi-layer approach to network security: from the edge, to the core, to the datacenter and the cloud. Together, a technology-centered and a people-centered approach are the components of a smart security strategy.
When it comes to organizations protecting their resources, the network is the connective tissue to everything. So it’s important to adopt practices and philosophies that mitigate risk while improving efficiency. Extreme Networks, along with its full ecosystem of security partners and collaborators, plays a vital role in an organization’s full security strategy. Here are some Extreme tools that are foundational to an effective defense.
One of the most effective security measures Extreme provides is fabric technology. This technology allows IT teams to virtualize the network in a way that forces those who would compromise a network to work blind while trying to operate. Imagine going into a strange house in the dark and trying to move around without bumping into anything. Bumping into something is called an anomaly, and creating one alerts security that something is wrong, so teams start searching. Fabric technology can help dramatically reduce the discovery time for an intrusion.
This type of security can have significant benefit within key verticals where data loss can be disastrous. For instance, in areas like Healthcare, where HIPAA compliance must be maintained, reducing vulnerabilities with a flat, automated network limits opportunities for exploits due to misconfiguration or complications as a result of layered, single-purpose networks developed over time. By flattening out complex networks, intruders are left with no places to hide.
See how Elisabeth-TweeSteden Hospital (the Netherlands) cured their ailing network.
Another way organizations can add layers to their security profile is to implement cloud-managed networking technologies that are powered by ML/AI. Just as cyberthreats can use these emerging tools to guess passwords, IT teams can use these tools to expand their visibility into what’s connected and how it is performing, and to control what access individual devices have to resources. These tools use the data resident in your network to improve your security over time, scan for threats and even provide decision support around what to do to address the issues – as they’re happening.
How does this benefit an organization’s security strategy?
Imagine an intrusion into a node providing access to a remote area of the network.
Anomaly Detection – Over time, the data resident in a network can be used to develop a standard of normal operation for an organization. Intrusion into the network produces traffic that deviates from the standard, which creates alerts for IT staff to investigate. The best part is that it’s AI-powered, and the system remains vigilant, prepared to raise the alarms immediately. So off-hours access or high-bandwidth transfers would likely produce an anomaly that would need investigation.
Remote Management – When alarms are raised, response time becomes critical to mitigating the risks to sensitive assets attached to the network. Remote management through the cloud ensures that visibility into the threat is available anywhere and at any time, and that nodes can be isolated and paths reconfigured without a trip to the office or the node under attack. With alarm notifications going off, the administrator steps away from the dinner table and logs on to the network from their phone. A node was accessed out of normal hours and its traffic is spiking.
Explainable ML – Decision support tools are critical for teams as networks evolve and become more complex. Knowing what to do takes experience, and it takes an understanding of the nature of the threat, the implications of the breach for secure assets, and what options are available at the given time. Leveraging a limitless data lake, Extreme Networks implements what it calls Explainable ML, which provides the best recommendations for addressing the anomaly. This means that teams don’t have to spend time investigating or, worse, taking action that brings down more of the network than necessary out of an overabundance of caution. CoPilot tells the administrator to isolate the node that has been compromised, and the network re-routes traffic around the issue using Fabric Connect’s shortest path bridging. A short time later, the administrator finishes dinner. In addition to helping maintain security posture, AIOps makes working with limited IT staff less of a burden – adding the resources and prioritization needed to function.
Learn More about ExtremeCloud IQ CoPilot: Solution Page.
Discover the Benefits of Machine Learning and Artificial Intelligence: Extreme ML/AI
See How Explainable ML works
While few employees intentionally betray security policies, the efficacy of an organization’s security strategy still hinges on people’s compliance. Technology can assist in providing IT teams with visibility and control of what connects to the network, but good employee decision making literally fills in the gaps. CISOs spend a tremendous amount of time focused on employee education and training to promote compliance and vigilance in hopes they can hold the line and provide effective security.
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) are providing resources to help individuals and organizations make smart decisions about security practices regardless of where they are: at home, at work or school, or on mobile in transit. The CISA.gov website lists four basic practices people can implement right away in support of the 2022 Cybersecurity Month theme, “See Yourself in Cyber.”
Passwords aren’t enough anymore. With the rise of ML/AI, there are tools that can guess passwords in minutes, so Multi-Factor Authentication ensures that even if your password is guessed correctly, a message is sent to your mobile device or email with a one-time use code to ensure that you intended to access your private resources. Multi-Factor Authentication may also use security questions to help make sure that you are, indeed, you.
Speaking of passwords, CISA encourages people to strengthen their security by making their passwords more difficult to guess. Gone are the days when “Password” or “QWERTY” were acceptable. Security experts encourage the use of a “passphrase” instead of an individual word to protect your privacy. TechRepublic defines a passphrase as “a long string of often random words.” While they take longer to type, they are often easier to remember. And most importantly, they take longer to guess: “sunset-beach-sand” would take 2 billion years to crack.
Test the strength of your next password at Security.org: How Secure is my Password?
Phishing is a form of social engineering where fraudulent emails are disguised to look like legitimate communications in an effort to trick recipients into providing personal information like usernames, passwords, and banking or credit card numbers. Phishing can also be used to deceive a person into downloading software to their computer that would give an outsider access to their local resources, full control of their machine, or access to private or company networks.
The key to mitigating phishing comes back to education. If a message is too good to be true, it probably is. Be suspicious when receiving unexpected emails. Hover over links to see where they lead; if you don’t recognize the address, don’t click it. And most importantly, report anything suspicious to your security team. They’ll welcome your vigilance.
Use this CISA Tip Sheet to protect against Phishing: Be Cyber Smart
The software we use is made up of complex pieces of code that took teams months or years to develop. It provides instructions to your machine on how to handle a multitude of scenarios. The best developers include bulletproofing to ensure that you don’t accidentally do something you shouldn’t, and they work to defend against others who might try to compromise their work. The problem is, no system, however well designed, is perfectly secure.
So, developers are constantly looking for weaknesses, and once discovered, they write new code to improve their software. This requires accepting and installing updates. Not implementing the updates means that once the public discovers the vulnerability, it can be exploited. Long-term failure to update software could create a multitude of security threats whose solution was a simple update.
It has never been more important to protect the valuable resources that drive our organizations. Patient data security can mean the difference between life and death. Citizen data security can have implications for coordination of city services and safety response times. Student data security can have implications for academic performance and achievement. Regardless of industry, it requires the combination of people and technology to keep us and our private information safe. So thank an IT professional for their role in keeping our data safe, and maybe they’ll thank you back for your vigilance.
Happy Cybersecurity Month from Extreme Networks!
See more about Extreme Security on our Security Solution Page.