
ROSD NURSYAFIQ BIN ROSSLEY

AC0107733

4 Common Security Gaps in Network Access Controls

1. Poor Authentication and Authorization


--> Authentication is the process of proving one’s identity to access gated entities.
--> Other forms of authentication include:
    i) Knowledge-based: secret questions
    ii) Possession-based: an artifact like a physical key, codes sent to mobile devices
    iii) Identity-based: fingerprint, voice recognition
    iv) Single, two-factor, multi-factor: requesting access through 1, 2 or multiple categories of credentials

--> While each of these methods provides some level of security, they aren't always effective at preventing security breaches.
--> One study found that poor password hygiene remains a security threat: on average, employees share roughly 6 passwords with coworkers, leaving networks wide open to security issues.
--> To get the best computer access control and network security, multi-factor authentication (MFA) proves to be the most effective solution.

Multi-Factor Authentication Works


--> Users must be validated using at least two different methods before gaining access to a network.
--> With MFA administration and management, network admins can control authentication for thousands of users from a single point.
--> Some of the methods used are SMS tokens, soft tokens, and challenge-based tokens.

Centralized Authorization
--> Having centralized authorization gives IT departments more control over who has access to the network, and what they can do.
--> They can decide which users or groups can access and make changes, including what specific permissions they have with granular detail.
--> Centralized authentication also keeps a detailed audit trail on all remote activity. So, if your business has multiple devices and users across a geographical area, all activity can still be traced and dealt with in a timely manner.

Encryption
a) Encrypting data adds an extra layer of protection for user information.
b) Multiple layers of encryption provide even more security.
c) One of the benefits of Netop Remote Control is its use of encryption at seven levels, with up to
256 bits AES.
d) The Diffie-Hellman protocol is a common method used in encryption protocols for "two
computer users to generate a shared private key with which they can exchange information
across a secure channel."
e) Having this added layer of security in remote access software greatly supports computer access
control and overall network security.

2. Insufficient Access Control in Network Security


a) Different users have different access profiles.
b) It's important to be able to define users' rights and functionality to the smallest detail and from
one central location.
c) Without proper control over users, huge gaps are left in network security, especially with third
party users.
d) The more devices and users being added to a network, the more challenging it is to ensure that
each user has proper access.
e) With quality remote control software, businesses can centrally manage access settings and user
rights across their networks rather than configuring each device individually.

VPNs Give Access to Network

• Using a VPN can be effective for remotely connecting to a business network, but it is definitively less secure than remote access software.
• This can open your business up to vulnerabilities and potential malicious attacks.
• Using remote access software can act as a replacement for a VPN when accessing sensitive data.
• A comprehensive remote access solution also provides full compliance with PCI DSS, GDPR, and HIPAA, so you feel confident that all your systems are running securely.
• With compliance as a baseline, remote access software, like Netop Remote Control, gives businesses control over who can access what data and resources – and when – without going through a less secure VPN.

Application Whitelisting

• While blacklisting certain applications is beneficial to blocking access to known malware, it cannot account for unknown threats that endanger your network or sensitive data.
• Unfortunately, blacklisting leaves significant security gaps, which can be detrimental in an enterprise software environment.
• On the flipside, whitelisting applications not only regulates what network, segment, or device an individual can access, but also completely controls which applications a user can operate.
• Users will get denied access to programs that have not been specifically whitelisted.
• Application whitelisting is especially beneficial when it comes to vendor management.
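
An added example, not part of the original notes: the same launch events judged by a blacklist (default-allow) and by a per-role whitelist (default-deny), with programs identified by the SHA-256 of their contents. The roles, file names and byte strings are constructed for illustration.

```python
import hashlib


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for executable file contents (not real binaries).
POS_APP = b"point-of-sale client v1"
REMOTE_TOOL = b"remote support agent v2"
KNOWN_MALWARE = b"sample already catalogued by the blacklist"
UNKNOWN_BINARY = b"new, never-before-seen program"

BLACKLIST = {sha256(KNOWN_MALWARE)}
# Whitelist per role: a vendor account may run only the remote support agent.
WHITELIST = {
    "employee": {sha256(POS_APP), sha256(REMOTE_TOOL)},
    "vendor": {sha256(REMOTE_TOOL)},
}


def blacklist_allows(binary: bytes) -> bool:
    """Default-allow: everything runs unless its hash is known to be bad."""
    return sha256(binary) not in BLACKLIST


def whitelist_allows(role: str, binary: bytes) -> bool:
    """Default-deny: nothing runs unless its hash is approved for the role."""
    return sha256(binary) in WHITELIST.get(role, set())


def compare(events):
    """Return (role, name, blacklist verdict, whitelist verdict) per launch."""
    return [
        (role, name, blacklist_allows(data), whitelist_allows(role, data))
        for role, name, data in events
    ]


# Constructed launch events: (role, file name as seen on disk, file contents).
EVENTS = [
    ("employee", "pos.exe", POS_APP),
    ("vendor", "pos.exe", POS_APP),
    ("employee", "update.exe", UNKNOWN_BINARY),
    ("employee", "pos.exe", KNOWN_MALWARE),   # renamed to look legitimate
]

if __name__ == "__main__":
    print(*compare(EVENTS), sep="\n")
```

The third event is the gap the text describes: the unknown program passes the blacklist and is stopped only by the whitelist.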

3. Siloed Network Security

• Threats to networks are vast.
• They are designed to attack multiple places, find the gaps, and disguise malicious behavior.
• Much of this is done by looking at a network's attack surface as one entity to be compromised.
• Essentially, the more platforms a business is running, and the more security software they're implementing, the more gaps there are.

4. Unsecured Remote Access to Devices

• Devices are everywhere, from a user's mobile phone or tablet, to a heart monitor or POS machine.
• But trying to manage all those devices at once takes time that IT departments often don't have.
• The more complex the network, the more challenging it is to secure it.
• With remote access control for networks and devices, each device can be monitored continuously, and IT departments can easily manage users and groups.
• For example, cybersecurity in healthcare is turning to remote patient monitoring more often to simplify the patient data recording process and provide faster critical care.

Device and software hardening controls

• Systems hardening is a collection of tools, techniques, and best practices to reduce vulnerability in technology applications, systems, infrastructure, firmware, and other areas.
• The goal of systems hardening is to reduce security risk by eliminating potential attack vectors and condensing the system’s attack surface.
• By removing superfluous programs, accounts, functions, applications, ports, permissions, access, etc., attackers and malware have fewer opportunities to gain a foothold within your IT ecosystem.

Systems hardening demands a methodical approach to audit, identify, close, and control potential
security vulnerabilities throughout your organization. There are several types of system hardening
activities, including:

• Application hardening
• Operating system hardening
• Server hardening
• Database hardening
• Network hardening

Systems Hardening to Reduce the “Attack Surface”

The “attack surface” is the combination of all the potential flaws and backdoors in technology that
can be exploited by hackers. These vulnerabilities can occur in multiple ways, including:

• Default and hardcoded passwords
• Passwords and other credentials stored in plain text files
• Unpatched software and firmware vulnerabilities
• Poorly configured BIOS, firewalls, ports, servers, switches, routers, or other parts of the infrastructure
• Unencrypted network traffic or data at rest
• Lack, or deficiency, of privileged access controls

9 Best Practices for Systems Hardening


The type of hardening you carry out depends on the risks in your existing technology, the resources
you have available, and the priority for making fixes.

1. Audit your existing systems: Carry out a comprehensive audit of your existing technology. Use
penetration testing, vulnerability scanning, configuration management, and other security
auditing tools to find flaws in the system and prioritize fixes. Conduct system hardening
assessments against resources using industry standards from NIST, Microsoft, CIS, DISA, etc.

2. Create a strategy for systems hardening: You do not need to harden all of your systems at once.
Instead, create a strategy and plan based on risks identified within your technology ecosystem,
and use a phased approach to remediate the biggest flaws.

3. Patch vulnerabilities immediately: Ensure that you have an automated and comprehensive
vulnerability identification and patching system in place.

4. Network hardening: Ensure your firewall is properly configured and that all rules are regularly
audited; secure remote access points and users; block any unused or unneeded open network
ports; disable and remove unnecessary protocols and services; implement access lists; encrypt
network traffic.

5. Server hardening: Put all servers in a secure data center; never test hardening on production
servers; always harden servers before connecting them to the internet or external networks;
avoid installing unnecessary software on a server; segregate servers appropriately; ensure
superuser and administrative shares are properly set up, and that rights and access are limited in
line with the principle of least privilege.

6. Application hardening: Remove any components or functions you do not need; restrict access to
applications based on user roles and context (such as with application control); remove all
sample files and default passwords. Application passwords should then be managed via an
application password management/privileged password management solution that enforces
password best practices (password rotation, length, etc.). Hardening of applications should also
entail inspecting integrations with other applications and systems, and removing, or reducing,
unnecessary integration components and privileges.

7. Database hardening: Create admin restrictions, such as by controlling privileged access, on what
users can do in a database; turn on node checking to verify applications and users; encrypt
database information—both in transit and at rest; enforce secure passwords; introduce
role-based access control (RBAC) privileges; remove unused accounts.

8. Operating system hardening: Apply OS updates, service packs, and patches automatically;
remove unnecessary drivers, file sharing, libraries, software, services, and functionality; encrypt
local storage; tighten registry and other systems permissions; log all activity, errors, and
warnings; implement privileged user controls.

9. Eliminate unnecessary accounts and privileges: Enforce least privilege by removing unnecessary
accounts (such as orphaned accounts and unused accounts) and privileges throughout your IT
infrastructure.
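
An added example, not part of the original notes: a small audit for two of the practices above, unapproved listening ports (practice 4) and orphaned or unused accounts (practice 9). The inventory, the staff list and the 90-day idle threshold are constructed assumptions.

```python
from datetime import date

# Constructed inventory for one host; every value below is sample data.
APPROVED_PORTS = {22, 443}
LISTENING = {22: "sshd", 23: "telnetd", 443: "nginx", 3306: "mysqld"}
ACTIVE_STAFF = {"alice", "bob"}
ACCOUNTS = [
    # (login, owner, last login, is admin)
    ("alice", "alice", date(2024, 5, 28), True),
    ("bob", "bob", date(2023, 11, 2), False),
    ("carol", "carol", date(2024, 5, 1), True),    # owner has left
    ("backup", None, date(2024, 5, 30), True),     # no owner on record
]
MAX_IDLE_DAYS = 90  # assumed threshold; set it from your own policy


def unneeded_ports(listening, approved):
    """Practice 4: listening ports that nothing has approved."""
    return sorted(p for p in listening if p not in approved)


def account_findings(accounts, staff, today, max_idle=MAX_IDLE_DAYS):
    """Practice 9: orphaned and unused accounts, admins listed first."""
    findings = []
    for login, owner, last_login, is_admin in accounts:
        reasons = []
        if owner not in staff:
            reasons.append("orphaned")
        if (today - last_login).days > max_idle:
            reasons.append("unused")
        if reasons:
            findings.append((login, is_admin, reasons))
    return sorted(findings, key=lambda f: (not f[1], f[0]))


if __name__ == "__main__":
    today = date(2024, 6, 1)
    print("close or justify:", unneeded_ports(LISTENING, APPROVED_PORTS))
    for login, is_admin, reasons in account_findings(ACCOUNTS, ACTIVE_STAFF, today):
        print(login, "admin" if is_admin else "user", ",".join(reasons))
```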

Benefits of Systems Hardening

Systems hardening requires continuous effort, but the diligence will pay off in substantive ways across
your organization via:

• Enhanced system functionality: Fewer programs and less functionality mean there is less risk of operational issues, misconfigurations, incompatibilities, and compromise.

• Significantly improved security: A reduced attack surface translates into a lower risk of data breaches, unauthorized access, systems hacking, or malware.

• Simplified compliance and auditability: Fewer programs and accounts coupled with a less complex environment means auditing the environment will usually be more transparent and straightforward.
