Losing a few thousand dollars in a ransomware event might represent nothing more than a rounding error to large enterprises, but that same few thousand can be devastating to an individual. In response, governments around the world have strengthened their efforts to protect said individuals (a.k.a., end-consumers) through the promulgation of stringent data regulations. Chief among these efforts: the threat of punitive fines to businesses that play fast and loose with their IT networks.
It’s simply common sense. Companies have a responsibility to prevent their customers' data from falling into the wrong hands. To that end, IT managers must exercise vigilance over their local area networks and be able to identify weak spots before hackers do.
Here’s a brief step-by-step guide on best practices to test for network vulnerabilities:
Step 1: Plan and define the scope of your vulnerability assessment
Your cybersecurity team — whether it’s internal or deployed by a managed IT services provider – must work with every department to simultaneously identify the objectives of the assessment and limit its scope, ensuring the timely attainment of actionable insights.
Example: If your company handles cardholder data, you’ll have to check if you’re compliant with the Payment Card Industry Data Security Standard (PCI DSS). The scope of your assessment will include determining whether or not you can retrieve full credit card and/or account numbers from the systems you use. Depending on this status, you could find yourself significantly more vulnerable to data breaches, which in turn could trigger fines from credit card companies.
Step 2: Gather information regarding your network infrastructure
Analyze your network and trace its “footprint” — i.e, the breadth of the software and hardware that comprises your network. Among the items you should audit are:
- ❏ Ports and running data services
- ❏ Software and driver configurations
- ❏ Operating systems
- ❏ Network services logs (specifically if these are being sent to a security information and event management solution or SIEM)
- ❏ Physical and virtual servers
- ❏ Subnetworks
- ❏ Existing security measures, be these intrusion detection and prevention systems (IPS/IDS) or firewalls
Step 3: Scan for and assess network vulnerabilities
Identifying potential and actual vulnerabilities is paramount among procedures. Assessing your performance against industry best practices, your cybersecurity team must examine:
- ❏ Unsupported or outdated programs, operating systems, and hardware
- ❏ Security protocols such as:
- ❏ User authentication systems
- ❏ Rights management systems
- ❏ Mobile device management (MDM) systems
❏ Cybersecurity awareness among all employees across the entire organization
❏ Business continuity and disaster recovery protocols for cyberattacks
To assess your system even more extensively, industry experts recommend penetration testing.
Step 4: Report the findings and quantify the consequences of a successful data breach
Vulnerabilities that could lead to the unauthorized disclosure of sensitive information must be clearly documented so that each and every one of them can be addressed properly and immediately. Your team must also calculate the probability of a potential cyberattack and assign your company a risk rating.
To highlight the critical nature of cybersecurity, a section of the report must be dedicated to quantifying the economic damage caused by a full-blown data breach. Make sure to specify the financial impact of each of the following:
- ❏ Penalties imposed by private governing bodies such as the payment card industry (PCI)
- ❏ Legal fines for noncompliance with regulatory frameworks such as HIPAA and GDPR
- ❏ Internal downtime
- ❏ Reputational damage
- ❏ Customer departure
- ❏ Being blacklisted by firms when they seek bidders for their projects
Step 5: Identify countermeasures
Finally, your assessors must specify the countermeasures to take to raise your defenses. There may be open ports that should be closed, unsupported hardware that must be replaced, or applications that need to be updated. Or perhaps it’s your staff’s lack of awareness relative to network cybersecurity protocols that is your Achilles' heel. Whatever your vulnerabilities, address them with a sense of urgency. Don’t wait for cybercriminals to get there first.
For thorough and effective vulnerability assessments, turn to Charles IT. Contact us to learn more about bringing best-in-industry standards to your network.
