DISCOVER THE 14 CORE CAPABILITIES YOU NEED FOR DEFENCE-GRADE SECURITY

The following 14 core technical capabilities were created to help guide and prioritise cybersecurity investments.*

With cyber threats constantly evolving, it’s important to identify the gaps in your security posture. Being prepared for cybercriminals to get through your defences in this changing environment is essential. You need to determine where to start and what is most important.

1. Asset Management

Identify assets by leveraging automated tools and discovery solutions (to also discover rogue systems), including:

  • Installed software (on endpoints, servers and mobile devices; for mobile, leverage Mobile Device Management (MDM or EMM) solutions)
  • Deployed hardware (including endpoints, mobile, cloud and “on-premise” systems)

2. Network Segmentation

Ensure networks are properly segmented, particularly separating the business side from the infrastructure networks.

Focus initially on high-value assets and critical systems. Move away from solutions that focus only on “on-premise” segmentation and deploy network segmentation solutions, such as Software Defined Perimeter, that allow granular role-based segmentation of on-premise and cloud-based systems, including legacy systems. Additionally, leverage Network Access Control (NAC) when possible.

3. Network Security

Leverage intrusion detection and prevention systems (IDS/IPS) across enterprise and system enclave boundaries (including ingress and egress points), using cloud-based appliances whenever possible to monitor cloud traffic.

  • Select solutions that can protect both on-premise and cloud-based traffic and consolidate alerts/logs on a single dashboard
  • Consider leveraging Deep Packet Inspection/Packet Capture (DPI)
  • Consider deploying cloud access security brokers (CASBs) at cloud boundaries
  • Leverage Domain Name System Security Extensions (DNSSEC) to secure your Domain Name System (DNS)
  • Consider specific distributed denial of service (DDoS) protections to protect servers, applications, and networks
  • Consider solutions that protect communication systems against telephony denial of service (TDoS) and DDoS attacks

4. Identity Management

Manage user access and roles by:

  • Deploying a centralised identity management solution with access control management and identity proofing
  • Leveraging a Single Sign-On solution across the enterprise and its applications
  • Deploying multi-factor authentication across the organisation, particularly for critical systems and privilege access
  • Using identity management best practices to ensure “need to know” and “least privilege”
  • Properly disabling or deleting accounts according to the organisation’s policy requirement

5. Privilege Access

Privilege access management solutions should be deployed to manage and control critical infrastructure systems’ administrative accounts, including:

  • Requiring multi-factor authentication for all administrative accounts, including on servers and endpoints
  • Using solutions, such as Software Defined Perimeter, to enforce multi-factor authentication policies across the enterprise while implementing patching, need to know, and least privilege, among others

6. Patching and Vulnerability Management

  • Conduct proper monitoring and patch installation, including testing prior to patch deployments
  • Prioritise patches based on risk and critical impact
  • Regularly perform automated scanning (ideally daily, or weekly), including credentialed, passive, internal, and external scans. Include database configuration and web services configuration scans
  • Install agents on servers and endpoints to facilitate scans whenever possible
  • Scan applications both statically and dynamically
  • Perform source code review when necessary

7. Continuous Monitoring

Continuous monitoring is recommended 24 hours a day, 7 days a week, including:

  • Employ alerts and Security Information and Event Management (SIEM) solutions with a customised dashboard to monitor critical systems using proper log management
  • Create/manage a security operation centre (SOC) to continuously monitor critical systems

8. Endpoint Protection

Employ endpoint protection solutions to:

  • Mitigate against viruses, ransomware, and malware using solutions such as Application Segmentation (Micro Virtual Machine isolation), Advanced Endpoint Protection, and Antivirus/Anti-malware
  • Deploy these solutions across all endpoints and servers, including mobile devices
  • Leverage a File Integrity Solution to protect against file tampering/rootkits etc.

9. Public Key Infrastructure (PKI)/Key Management

Deploy both symmetric and asymmetric encryption key management solutions, including:

  • Managing public and private keys used for application programming interfaces (APIs), email signing, and encryption using a PKI solution
  • Employing key management solutions to store keys, including Secure Shell (SSH) keys and other encryption keys

10. Log Management

Centralise, correlate and consolidate logs, including:

  • Ingress and egress logs
  • Application logs
  • Endpoint protection logs
  • Firewall logs
  • Security logs such as authentication failure, misuse, unauthorised access, insider threat
  • Server logs
  • Database logs
  • Webserver logs
  • IDS/IPS logs

Ensure accurate timestamps by leveraging time synchronisation (Network Time Protocol (NTP)) solutions across every system.

11. Phishing Protection

Implement phishing training and plugin solutions, including:

  • Mandating regular phishing training for all employees, including senior executives
  • Deploying an email validation system (Domain-based Message Authentication, Reporting and Conformance (DMARC), Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM)) to detect and prevent email spoofing
  • Deploying phishing plugin solutions on email servers and endpoints to allow phishing email detection, prevention, and reporting
  • Conducting real-life phishing campaigns across all your employees to measure openings/clicks, and targeting training at employees who open those emails

12. Configuration Management

Adopt a configuration management solution to properly enforce configuration requirements on servers and endpoints, including:

  • Prioritising solutions that can synchronise logs with SIEM and that support multiple operating systems
  • Leveraging application whitelisting solutions to limit access to necessary applications on endpoints and mobile devices. Whitelisting is recommended instead of blacklisting because new malicious software is too difficult to track

13. Application Security

Application security is the use of software, hardware and procedural methods to prevent vulnerabilities in applications and protect sensitive information from external threats. Applications may include desktop, server, and mobile technology. Software security should be built into applications during their development phase:

  • Fuzz testing (fuzzing) should be leveraged as a quality assurance technique, using a software tool called a fuzzer to discover coding errors and security loopholes in software, operating systems or networks. The technique involves inputting fuzz (massive amounts of random data) to the test subject to make it crash, find vulnerabilities, and identify potential causes
  • Dynamic analysis can be used as the testing and evaluation of a program by executing data in real-time to find errors in a program and flaws in the source code while it is running, rather than by repeatedly examining the code offline. Dynamic code analyser software finds security issues caused by the code’s interaction with other system components like SQL databases, application servers or Web services to debug a program in all the scenarios for which it is designed
  • Static code analysis is also available as one of the security tools the enterprise can use to identify flaws and malicious code in applications before they are bought or deployed. The process provides an understanding of the code structure, and can help to ensure that the code adheres to industry standards
  • Leverage Web Application Firewalls (WAF) solutions to secure your web applications

14. Data Security

Implement solutions to secure data, including:

  • Properly protecting data, in particular personally identifiable information (PII), personal health information (PHI), payment card industry (PCI), and sensitive, classified, and/or financial data, by using Data Loss Prevention solutions:
    • Leveraging solutions to detect and prevent data leaks and massive data exports on servers, databases, and endpoints, when possible
  • Deploying backup solutions across the organisation endpoints, servers, databases, and critical systems
    • Establishing off-site backup, whether in a separate datacentre or on the cloud
  • Mandating encryption for all PII, PHI, PCI, sensitive, and confidential data whenever possible. Examples include:
    • Requiring full disk encryption solutions for mobile devices, laptops, and removable media
    • Using encryption on databases and files whenever required

* 2018 Cybersecurity Guide – originally provided by Bromium featuring Nicolas Chaillan.

Network Utilities acquires Metropolitan Networks to create the UK’s leading specialist integrator

London, 28th March 2019: Network Utilities Ltd, a leading integrator of network and security solutions, has announced the successful acquisition of Metropolitan Networks, a provider of customer-centered network support and security managed services, that will create the UK’s leading specialist integrator of identity-centric network, security and data solutions and services to enterprises, telcos, MSPs and ISPs.

The newly enlarged Network Utilities will also gain its own on-premise data centre and 24/7 Network Operations Centre in the UK and new offices and staff in the Middle East, Caribbean and West Africa to support an expanded roster of international clients including Cable & Wireless, Judiciary of Trinidad & Tobago and Nutrien.

The combined company has over 400 enterprise and service provider clients including many listed within the FTSE 100 along with household names in financial services, education, healthcare and manufacturing.

“This acquisition marks a great day in our 25-year history and brings together two companies that have a highly regarded and trusted reputation with clients and partners,” said David Bundock, Chief Operating Officer. “As one of the oldest serving specialist solution providers with customer relationships that span over a decade, Network Utilities has focused on excellence over growth. However, with this deal, we now have the depth and breadth of people, technologies and services to expand our customer footprint without sacrificing the values that have made us so successful.”

Michele Lewington, one of the original founders and Managing Director of Network Utilities for 25 years commented: “I am delighted to hear this news. The two companies have worked together on various projects over many years and both bear the hallmark of ethics and service that customers have come to expect. My heartfelt thanks go to those Network Utilities employees who are amongst some of the most talented, hardworking and loyal of all in the industry. It is their commitment to the business over many years that has enabled me now to leave the company in safe hands to enjoy semi-retirement and the pursuit of other interests.”

The acquisition, for an undisclosed sum, will see Network Utilities take over all staff, premises and ongoing maintenance contracts from Metropolitan Networks with a full equivalency of agreed service level agreements. All staff will consolidate at new headquarters in Orpington which will also maintain the new Network Utilities NOC and data centre.

“Metropolitan Networks has grown rapidly, and the last 15 years has been a fantastic journey,” explains Ashok Thomas, Chief Executive Officer and founder of Metropolitan Networks. “However, to keep on meeting the expectations of our clients while expanding the business proved challenging through organic growth alone. This investment by Network Utilities and the merging of expert technical and sales teams into a new entity offers our existing clients more benefits, including access to some of the best security focused people in the UK plus a management team that have vast experience in successfully growing a business over the last two decades.”

The new company holds top tier accreditations from key vendors including Juniper Networks, Pulse Secure and Fortinet as well as in-house CISSP experts and Security Clearance for its ongoing work with several UK governmental and security agencies. Network Utilities also holds ISO 9001 and 27001 certifications.

“At a time of uncertainty around the UK’s place in Europe, the deal also expands our footprint into new regions around the world such as the Middle East, the Americas and Africa where, although initially small, we have long established, international clients that offer us growth potential,” says Paul Rowe, Sales Director. “Our enlarged size and new areas of the business such as training, private cloud and Cyber Essentials certifications also provide us with a more rounded portfolio that allows us to offer additional value added services that are beneficial to both existing and new customers.”

Commenting on the announcement, Mike Catlin, CTO for Polar Capital Holdings Plc, a long-standing client of Network Utilities, said: “Network Utilities have been a trusted service provider for over 10 years. Finding a supplier that consistently offers insightful expertise to help us deliver stable IT while meeting complex cybersecurity requirements is always a challenge and knowing that we will be able to retain this relationship over the longer term is good news for us.”

Ashok Thomas, CEO, Paul Rowe, Sales Director and David Bundock, COO are all available for interview or additional written Q&A.

Webinar: Network Utilities Managed Security Services

Here at Network Utilities we offer a range of services and enhanced support from simple pen testing to 24/7/365 telephone support to fully managing your IT security. The aim is to remove the burden of niggling IT issues or staff shortages allowing you to focus on your critical projects and business objectives.

Watch our snappy 30-minute webinar with our Principal Technology Strategist, Malcolm Orekoya, and hear about our:

  • Security-as-a-Service
  • Network and Security Health
  • Training and Support services
  • Enhanced Support Services


Network Utilities and EfficientIP partner to help customers become GDPR compliant

In July 2016 Network Utilities and EfficientIP announced their partnership agreement to provide UK-based customers with EfficientIP DDI solutions, draw on Network Utilities’ recognised expertise in the market and expand EfficientIP’s existing partner network in the UK region. Both companies’ solutions will help organisations in a variety of public and private industries – particularly telecom – to protect their critical applications from growing threats, as well as integrate advanced network infrastructure.

With new legislation coming into effect in May 2018, this is a critical time for all organisations to focus on the strength, resiliency, and intelligence of their networks to avoid data breaches and ensure GDPR compliance. Now is the time to start building a GDPR-compliant infrastructure, and providing sufficient security at the DNS level can save companies huge amounts of money and help avoid unnecessary GDPR proceedings.

David Silsby, Network Utilities Sales Director, believes this continued partnership will be beneficial to prospects and customers: “This new GDPR legislation puts the responsibility on companies to make sure their networks are as secure as possible, which will mean much more than just protecting the company’s data; it means protecting the whole infrastructure. No one can afford to ignore GDPR and working together with EfficientIP, Network Utilities will be able to offer customers a more enhanced security offering.”

David Williamson, EfficientIP CEO, is also looking forward to a continued partnership: “The addition of Network Utilities to our partner group is key to bringing new adaptive security solutions to their customers. The past two years have seen a dramatic increase in cyber security attacks, and DNS has been confirmed as being a weak point of the network infrastructure. We have the solution for this in our 360° DNS Security, and Network Utilities has the expertise to apply it as part of their offering.”

Network Utilities will be hosting a webinar with Martin Wellsted from EfficientIP on the 3rd May. Register here and find out more about DNS exfiltration and how to prevent the unauthorised transfer of data from your organization.


Webinar recording: Network Security in the Cloud – Join the Revolution

Cato Networks is rethinking network security from the ground up and bringing it into the Cloud. Cato connects your branch locations, mobile users, physical and Cloud infrastructure into a secure and optimised global network in the Cloud.

Cato is making Network Security Simple Again.

Watch this recording to learn how Cato’s Cloud-based Secure Network offers a simple and affordable platform to securely connect all parts of your business.

Find out more about Cato Networks here.

Palo Alto Networks Traps – Endpoint Protection

Traps prevents security breaches!

Traditional antivirus (AV) is not the solution to endpoint security – it is the problem. AV is no longer effective at stopping today’s cyberthreats. To prevent security breaches in your organization, you must protect yourself not only from known and unknown cyberthreats but also from the failures of any traditional AV solutions deployed in your environment.

Traps replaces traditional antivirus with a proprietary combination of purpose-built malware and exploit prevention methods that protect users and endpoints from both known and unknown threats. With Traps, you prevent security breaches, in contrast to detecting and responding to incidents after critical assets have already been compromised.

The updated release of Traps eliminates the need for traditional AV by enabling you to:

  • Prevent cyber breaches by pre-emptively blocking known and unknown malware, exploits and zero-day threats.
  • Protect and enable your users to conduct their daily activities and use web-based technologies without concern for known or unknown cyberthreats.
  • Automate breach prevention by virtue of the autonomous reprogramming of Traps using threat intelligence gained from Palo Alto Networks WildFire threat intelligence service.

To learn more about Traps and its new updated capabilities download the latest resources from Palo Alto Networks:

  • Solution Brief: Traditional endpoint protection solutions use methods that cannot keep up with the rapidly evolving threat landscape. There’s a new way to approach endpoint security. Prevent breaches – without AV. Advanced Endpoint Protection – Technology Overview
  • Whitepaper: It’s time to replace your traditional antivirus with next-generation endpoint security. But how? Protect Yourself from Antivirus.
  • Datasheet: See how Palo Alto Networks Traps advanced endpoint protection prevents sophisticated vulnerability exploits and unknown malware-driven attacks. Traps Datasheet
  • Dummies Guide: Today’s sophisticated cyberattacks are designed to inflict maximum damage to an organisation’s systems and networks, steal sensitive information and render an organisation’s systems and networks unusable. This guide shows you how to protect your assets. Advanced Endpoint Protection for Dummies.

If you would like to know more about Traps and how Network Utilities can educate and support you please get in touch with our specially trained team.

t: 020 8783 3800 e: sales@netutils.com
www.netutils.com

Credits:
You can read the full blog here written by Michael Moshiri (Director, Product Marketing, Palo Alto Networks).

Other pages of interest:
Palo Alto Networks Raises the Bar for Endpoint Security with Updates to Traps Advanced Endpoint Protection Offering. Read the full blog here.

Independent Authority Certifies that Palo Alto Networks Traps Helps Customers Meet PCI and HIPAA Cybersecurity Requirements. Read the full blog here.

About Network Utilities
Identity Centric Networks & Security

Network Utilities (Systems) Ltd have been providing identity centric network and security solutions to organisations ranging from Telecoms and ISPs to large corporates and SMEs for over twenty-three years, partnering closely with both industry leading and niche technology vendors to bring customers the best solutions the industry has to offer. Read more at www.netutils.com.