Network Security based on SANS Security Framework

Why is network security so important to businesses?

In Peterborough many organisations do not take their network and IT systems security seriously, not because they do not care but because they do not know how to make a usable, strong IT security policy that covers the Twenty Critical Control Areas against the existing status quo of the business. Since the beginning of 2012, many sites have been brought down, from the U.S. Department of Justice to FBI sites; this is why your network security matters.


What are these Critical Security Controls For Network and Systems?

  • Inventory of Authorised and Unauthorised Devices in the organisation
  • Inventory of Authorised and Unauthorised Software in the organisation
  • Configurations for Hardware and Software on Laptops, Workstations, and Servers
  • Continuous Vulnerability Assessment and Remediation
  • Malware Defenses
  • Application Software Security
  • Wireless Device Control
  • Data Recovery Capability
  • Security Skills Assessment and Appropriate Training to Fill Gaps
  • Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
  • Limitation and Control of Network Ports, Protocols, and Services
  • Controlled Use of Administrative Privileges
  • Boundary Defense
  • Maintenance, Monitoring, and Analysis of Security Audit Logs
  • Controlled Access Based on the Need to Know
  • Account Monitoring and Control
  • Data Loss Prevention
  • Incident Response Capability
  • Secure Network Engineering
  • Penetration Tests and Red Team Exercises

The control areas and individual sub-controls concentrate on various technical facets of information security, with the primary goal of helping organisations prioritise their efforts to protect against today’s most common and harmful computer and network attacks. Outside the technical realm, a comprehensive security program also needs to consider many other aspects of security, including overall policy, business structure, personnel issues (e.g. background checks, etc.), and physical security. To help maintain focus, the controls within this document do not cover these important but non-technical facets of information security. Organisations should develop a comprehensive approach to these other facets of security too, but they are outside the scope of this document.


What Security Controls you need to put in place

To sum up, the guiding concepts used in devising the control areas and their associated sub-controls include the following:

  1. Protection should concentrate on addressing the most common and harmful attack activities occurring today, as well as those anticipated soon.
  2. Enterprise environments need to ensure that consistent controls are established across the entire IT department of the organisation to effectively negate attacks.
  3. Protection should be automated where possible, and periodically or continuously measured using automated measurement techniques where achievable.
  4. A number of specific technical activities should be carried out to build a more consistent defense against attacks that occur frequently against the IT security of the organisation.
  5. Problems should be fixed to ensure the prevention or timely detection of attacks.
  6. Metrics should be established that facilitate a common understanding for measuring the effectiveness of security measures, providing a common language for professionals, IT specialists, auditors, and security officials to communicate about risk within the organisation.

The security controls listed here are also designed to support organisations with different levels of information security capability. To help organisations design a simple security baseline and then improve beyond that baseline, sub-controls are included in each of the summaries of the 20 Critical Security Controls for IT, and they are arranged into specific groups:

Quick Security wins: These fundamental aspects of information security can help a business quickly improve its security posture, generally without embarking on any major procedural, architectural, or technical changes to its environment. It should be noted, however, that these sub-controls do not always provide comprehensive protection from the most potent attacks. The intention of identifying “quick wins” is to highlight where security can and should be improved quickly.

Enhanced visibility and attribution for your security: These sub-controls concentrate on improving the procedural, architectural, and technical capabilities of organisations so that they can monitor their networks and computer systems and gain visibility into their own IT operations. Attribution is concerned with identifying which computer systems, and potentially which users, are generating specific security threats. Such enhanced visibility and attribution helps organisations detect attack attempts, locate the points of entry for successful attacks, identify already compromised machines, interrupt attackers’ activities, and gain information about the sources of an attack. Put simply, these controls improve an organisation’s situational awareness of its environment. These sub-controls are identified within this document as “visibility/attribution.”

Hardened configuration and enhanced information security hygiene: These sub-controls are designed to improve an organisation’s information security posture by reducing the number and magnitude of potential security weaknesses, thereby improving the operation of networked computer systems. They concentrate on protecting against poor security practices by system administrators and end users that could give an adversary an advantage in attacking targeted systems. Control recommendations within this category are developed on the understanding that a well-managed network is usually a significantly harder target for computer attackers to exploit. These sub-controls are identified within this document as “configuration/hygiene.”

Advanced Security: These sub-controls are designed to further improve the security of the organisation beyond the other three groups. Organisations already following all the other sub-controls should concentrate on this category. Generally, organisations should compare all 20 control areas against their current status and develop a business-specific plan to implement the controls as a critical element of an overall security program. Ultimately, organisations should aim to implement each control area, using all the sub-controls within each area, and working from quick wins through visibility/attribution and configuration/hygiene and then to advanced. To start with, organisations with limited information security programs may want to address the quick wins sub-controls first, in order to make rapid progress and build momentum within their information security program.

A number of these controls can be implemented and measured using existing tools found in many government departments and companies. Other controls can be implemented using commercial or, in some instances, free, open-source software. Still others may require an investment in new enterprise tools and personnel expertise. In today's world there is no longer any excuse not to implement good tools that will protect your business, because many are free.

Each control area includes a metric section that provides more information about the specific timing and objectives associated with the evaluation of the whole system's components.

Each security control area includes an evaluation section that shows how organisations can evaluate their implementation of every control metric. These evaluations are designed to support automation wherever possible, so that an organisation can achieve reliable, scalable, and continuous multi-dimensional adherence to all of these controls and the related metrics. For a comprehensive Network and Systems Security review for your business, please contact us today on 01733 808404.
