The new White House CyberSecurity Officer has shared his top 10 predictions for 2010 and the network has now made it to the list. Bill Brenner takes it a step further, in yesterday’s article discussing the added risks to the network associated with 2009’s economic fallout – from disgruntled former employees compounded by the unprecedented number of layoffs highlights. There are two best practices associated with reducing this risk:
- Eliminating a single log in access and proactively monitoring change. IT organizations tend to have a single login to reduce the complexity of maintaining individual user roles and rights. While IT staff often understands user-based access eliminates much of the unnecessary risk associated with a single admin account, they tend not to implement because it takes time. For example, if one person leaves, changing or eliminating their single access rights is easier. IT organizations are often guilty of giving full access or admin rights to network devices, and if there is a layoff or a person leaves, many times the passwords and access aren’t changed or if they are changed, the passwords usually just change a number at the end which can be easily guessed. This leads to additional risk associated with changing key configurations in devices across the network.
- Insure against unwanted or unplanned changes. Many organizations assume a change management process or change window eliminates the risks of unplanned changes, but if the modification is meant to cause harm, it will never go through the process. If the attacker gets through the processes and security and actually makes a change, the organization needs to know exactly what changed on what device quickly and easily. Typically problems occur when the changes go unnoticed for hours, days or weeks, but if you are alerted to an unplanned changed and can see exactly what was modified, the IT team can resolve the issue much faster and eliminate the majority of risk.
We’ve got a whitepaper available on “Avoiding the Top 5 Network Management Mistakes” at http://www.netcordia.com/resources/whitepapers.asp. It covers these issues and other common mistakes that add unnecessary exposure for organizations.
About mgowarty
Matt Gowarty is leading the product marketing aspects for Netcordia and positioning NetMRI in the Network Configuration and Change Management (NCCM) space.
Matt has over 12 years of IT experience with focus on network and application management, telecommunications and performance management. Prior to joining Netcordia, Matt worked with leading companies including Visual Networks, Verizon, GTE and Fluke Networks.
Over the past decade, Matt has been a thought leader in the performance management space being a frequent speaker and contributor for tradeshows, seminars, webinas and whitepaper with topics including MPLS management, VoIP, Managing the Impact of Change and Application Performance Management.
Matt has his MBA from Penn State Univeristy and his BSBA from Robert Morris College.