Security is fragile. Hackers need to discover only a single flaw in your defenses to mount an attack. Changes to the infrastructure, whether physical or logical, could open new holes in the network. Additionally, users and personnel may intentionally or accidentally breach security.
Network security management best practices are recommendations, guidelines, or standard operating procedures for obtaining reasonable security on a real-world budget. Best practices are usually not specific recommendations for products or tools; instead, these are recommendations for philosophies, stances, or concepts to use.
Focus on the core security services when designing security: confidentiality, integrity, and availability. Failure to properly and adequately address these essential security services will result in damage, data loss, and downtime. Confidentiality is the prevention of unauthorized access while supporting authorized access. Integrity is the protection against unauthorized modifications. Availability is the assurance that resources are accessible in a timely manner.
Consider designing security, especially physical security, around three central functions: deterrence, detection, and delay. Deterrence is the use of security to convince the potential attacker that the efforts to compromise a system are not worth it. The attack may be perceived as too hard or too complex, the attempt too easy to detect, and the consequences too severe.
Detection is to watch for the attempts at breaching security so as to respond promptly. Delay is to slow down the attack so that even successful breaches give the defenders time to respond in order to apprehend the attacker or prevent further intrusion.
Another common trio of parameters for security design and implementation is prevention, detection, and response. Prevention is the use of safeguards to thwart exploitation or compromise. It is usually more efficient, easier, and cost effective to prevent intrusions and breaches than to react to them.
Immediate detection of attempted and successful security breaches is important. The longer the time span between a malicious action and an authoritative response, the greater the likelihood the perpetrator will get away without consequence. Response means being prepared to contain damage, restrict further compromise, and effect repairs to return the system to normal.
The following collection of network security management best practices should serve as a starting point for the development of your effective security endeavors:
1. Do not rely upon single or individual defenses
Attempt to interlock and layer defenses. Implement defense in depth or a multiple-layered defense wherever possible. By following a defense-in-depth design concept, you will protect each asset with numerous safeguards. As one defense tool interlocks with another, there is overlap—like medieval armor plates—which improves the overall security.
The strengths and benefits of one countermeasure can supplement or compensate for the weaknesses and limitations of another. Even if the layered defenses are weak, this strategy can still provide enough of a delay for malicious activity to be noticed and stopped, or it may act as a deterrent so a hacker moves to exploit a less time-consuming target.
2. Know the limitations of security products
Each security mechanism addresses a single or small set of issues within a specific context. The presence of security in one location does not cause a magical blanket of security to exist in other locations. Be sure specific and relevant security solutions are in place where necessary. For example, use of Internet Protocol Security (IPSec) for network encryption does not imply that data stored on clients is encrypted.
3. Assume programs are inherently insecure
Security is often neither a priority nor a requirement in programming. When possible, apply secure-programming quality assurance practices.
4. Develop a policy for testing all code
Always test new code before deployment onto a production system. No matter what the source of the code, you must test it. Even if an internal programmer wrote the code, you must test it. Even if the code addresses a mission-critical issue, you must test it. Test all new code without exceptions. Any and all untested code is unauthorized and should be blocked from all production systems.
5. Develop and implement an efficient patch management system
Effective patch management means promptly analyzing, evaluating, and installing every new patch your vendors release, whether for hardware or software. Never shortcut the test-all-code-before-deployment policy, and never implement code based on fear.
Instead, have a focused and efficient process for testing and approving new updates so that each can be rolled out to production systems quickly. Keep every system current on patches; remember, however, that pushing out a patch too soon and without proper testing is just as bad as delaying patch approval because you lack the time to examine it.
6. Harden internal hosts
Do not focus exclusively on one area or issue of security to the exclusion of all others. Provide consistent and thorough security throughout the IT infrastructure. All networked devices are at risk—perhaps from different threats, but still at risk.
7. Plan for handling failures, errors, intrusions, and downtime
Focus on what to do when bad things occur. The goal should be a fast and efficient recovery. Failing to plan is planning to fail.
8. Assume that you may become a victim of a denial of service (DoS) attack
Every communications system is vulnerable to DoS. Do not forget that physical damage can be an effective DoS.
9. Do not assume that a service or protocol is secured by some other layer or service
Verify that the data traversing a network segment is encrypted or otherwise secured.
10. Learn from your mistakes
When a problem is uncovered, a design flaw is revealed, or a process is shown to be ineffective, deal with it. Improve the environment to resolve the issue. Review the process and learn from it.
11. KISS – Keep It Simple: Security
Security is complex enough without purposefully imposing additional complexity. Focus on designing security that the average user can comply with easily and simply. The more arcane and cryptic procedures become, the greater chance that users will misunderstand, fail to comply, or purposefully subvert. Simplicity encourages compliance.
12. Ensure usability of the system once safeguards are in place
Focus on balancing security and usability. Absolute network security can create an unusable system, and ease of use can create an insecure network; it is important to find a balance. The focus should be on reducing risk to the infrastructure while enabling users to perform authorized work with a minimum of hassle.
Security concerns can always overwhelm available time, effort, or budget. Focus on the big-impact and big-result issues first rather than attempting to fix every distraction as it is found. Security is constantly changing; the goal is to maintain reasonable—rather than perfect—security.
14. Know your network
Always be fully aware of the state of the organizational security. Do not make assumptions. If you are not positive that an aspect of the organization is secure, find out. Assuming that security exists leads to a false sense of safety. A lack of knowledge about the security status can lead to complacency.
By assuming that nothing is wrong, you feel no urgency to investigate and rectify problems. Do not fall into the “I thought it was protected” trap; if you do not know or are not sure, take the time to investigate and be sure.
Part of this process is to create and maintain benchmarks of network performance. Without such measures, it may be difficult to identify whether an apparent lag on the network is an attack or the network is reaching 95% utilization. Part of network management is maintaining optimal performance for all authorized users.
15. Critically search your network for flaws
Look for the weakest link. Every system or structure has a weak point, and a security structure is no different. It might be power, the users, a coding issue, processing capacity, or something that you never considered. In any case, some weak link exists in the security chain. Think like a hacker and look for it. Find it. Improve it. Then, go looking for the next weakest link.
16. Be realistic
Focus on known, real, probable threats rather than on unknown, imagined, or merely possible threats. While it is possible to have snow in Houston, Texas, is it likely you will encounter a blizzard there during your lifetime? Probably not. Do not plan for emergencies that are almost impossible.
You don’t have enough time, energy, or budget to protect against everything. Perform a risk assessment and focus on current, significant issues.
17. Create and refine procedures
Develop a standardized, procedural-based process for hardening new systems. You should subject every new piece of host equipment—including switches, routers, firewalls, servers, and other devices—to a rigorous and thorough hardening process before it is deployed onto the production network.
In fact, having a dedicated, isolated, new system–testing network will protect the existing production network from new systems, as well as protect new systems from threats from the existing production network. As you improve your processes, be sure to document these improvements for easy repetition next time.
18. Know the threats
Stay current on security and vulnerability research. If you are unaware of the threats, you cannot protect against them. You need to seek out this information, because most general news sources, even those focusing on technology, do not address most of the security vulnerabilities, exploits, or compromises that arise daily.
Find good resources on security and vulnerability research and consult them regularly. Knowledge is often one of the best weapons in the fight for security.
19. Implement the principle of least privilege
All users, including administrators, require only the privileges, access, and permissions necessary to accomplish their assigned work. This is referred to as the principle of least privilege. Any abilities beyond this minimum increase the potential for compromise and abuse.
20. Employ separation of duties
Isolate and compartmentalize administrative privileges through the implementation of separation of duties. This is also known as split knowledge. Administrators are given administrative power over a limited area of the IT infrastructure. No single administrator has full or total power over the entire environment.
This limits the scope of potential abuse and harm by disgruntled administrators, as well as by hackers who compromise administrative accounts.
For example, the IT personnel who are responsible for maintaining the firewalls on the network do not have access to the network logs captured and maintained by non-firewall devices. This prevents anyone on the firewall team from easily compromising the firewall rules and then covering their tracks by deleting or manipulating the network logs.
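As an added example (not from the original article), the following Python check encodes the firewall-team scenario above as a role model and flags users whose combined roles violate separation of duties (items 19 and 20); it also includes a least-privilege check for permissions that are granted but never exercised. The roles, users, permission names, and "toxic pair" policy are constructed sample data.

```python
"""Separation-of-duties and least-privilege checks over a role model.

Added example modelled on the article's firewall-team scenario. All role,
user and permission names below are constructed sample data, and the
TOXIC_PAIRS policy is an assumption about what must never sit with one person.
"""

# Constructed sample data: the permissions each role grants.
ROLE_PERMISSIONS = {
    "firewall-admin": {"firewall.rules.read", "firewall.rules.write"},
    "log-admin":      {"netlog.read", "netlog.write", "netlog.delete"},
    "helpdesk":       {"netlog.read"},
    "dba":            {"db.read", "db.write"},
}

# Constructed sample data: the roles assigned to each user.
USER_ROLES = {
    "alice": {"firewall-admin"},
    "bob":   {"log-admin"},
    "carol": {"firewall-admin", "log-admin"},  # accumulates conflicting roles
    "dave":  {"helpdesk", "dba"},
}

# Assumed policy: whoever can change firewall rules must not also be able to
# alter or delete the logs that would record that change.
TOXIC_PAIRS = [
    ("firewall.rules.write", "netlog.write"),
    ("firewall.rules.write", "netlog.delete"),
]


def effective_permissions(user):
    """Union of the permissions granted through every role the user holds."""
    perms = set()
    for role in USER_ROLES.get(user, ()):
        perms |= ROLE_PERMISSIONS.get(role, set())
    return perms


def sod_violations(user):
    """Toxic pairs the user holds in full (both halves), sorted for stable output."""
    perms = effective_permissions(user)
    return sorted(p for p in TOXIC_PAIRS if p[0] in perms and p[1] in perms)


def audit_all():
    """Map every user with at least one separation-of-duties violation to it."""
    return {u: v for u in USER_ROLES if (v := sod_violations(u))}


def unused_permissions(user, used):
    """Least-privilege check: granted permissions absent from the user's audit trail.

    `used` is the set of permissions actually exercised (constructed input);
    anything granted but never used is a candidate for removal.
    """
    return sorted(effective_permissions(user) - set(used))
```

Running `audit_all()` on the sample data reports only carol, whose two individually reasonable roles combine into the exact firewall-rules-plus-log-tampering pairing the article warns about.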