Security Program Spring Cleaning - Part 1 of 3
The weather is warming, and as we reach mid-Spring in North America, it is the time when one must ask: is my security posture Springtime Fresh? Chances are you have a number of stale information security processes with irrelevant or incomplete tasks. Time to put on your housekeeping bandana and dig into the tasks you’ve been putting off since the Q4 holiday change freeze. This week we'll review how we might put the figurative snow shovels in the shed and tidy up the network-focused security tasks strewn about the garage.
Sharpen your Network Security Tools
It’s time to move the furniture around and find out what dust bunnies are hiding. When was the last time you audited the network access you have granted to vendors, suppliers, partners, etc.? Do you know where all of your VPN tunnels terminate and the access policy on each? How is your vulnerability assessment program doing? Any mergers, acquisitions, or additions to your IP address space? Any new datacenter deployments this year? (Don’t worry — you’re not the only one hearing crickets.)
To-do To-day List:
- Review your network ACLs (firewalls, routers etc.) for extraneous access; if you don’t know why rule #32 exists, disable the rule and see who screams
- Audit point-to-point VPN connections to partners and suppliers; do they really need persistent access, when they’re only working on projects part of the year?
- Verify your vulnerability scanners are targeting your complete IP space; think outside the network and ask your facilities folks if they’ve added any offices they haven’t thought to tell you about.
- Take up the IDS tuning project and review your organization's NSM sensor placement.
- Log all of your DNS query traffic. If this is your first view into your DNS requests, you are bound to find some grime.
- Review the egress sFlow/NetFlow network data for anomalies.
- Got SDN? The deployment is likely too new for dust, nevertheless - secure your controllers.
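The scanner-coverage item in the list above can be checked mechanically. This is an added example, not part of the original article: it diffs the address space you own against the ranges configured as scanner targets. The CIDR lists are constructed sample data and the function names are hypothetical; all ranges are assumed to be in one address family.

```python
import ipaddress

# Constructed sample data: address space the organization owns, and the
# ranges currently configured as vulnerability-scanner targets.
ALLOCATED = ["10.10.0.0/16", "192.0.2.0/24", "198.51.100.0/24"]
SCAN_TARGETS = ["10.10.0.0/17", "10.10.128.0/18",
                "192.0.2.0/25", "192.0.2.128/25", "203.0.113.0/28"]

def _nets(cidrs):
    """Parse CIDR strings and merge adjacent or nested blocks."""
    return list(ipaddress.collapse_addresses(
        ipaddress.ip_network(c, strict=False) for c in cidrs))

def uncovered_ranges(wanted, covered_by):
    """Return the parts of `wanted` that no block in `covered_by` contains."""
    cover = _nets(covered_by)
    gaps = []
    for net in _nets(wanted):
        remaining = [net]
        for blk in cover:
            kept = []
            for piece in remaining:
                if not piece.overlaps(blk):
                    kept.append(piece)            # untouched by this block
                elif not piece.subnet_of(blk):
                    # CIDR blocks nest or are disjoint, so blk lies strictly
                    # inside piece: keep what surrounds it.
                    kept.extend(piece.address_exclude(blk))
                # else: piece is fully covered and is dropped
            remaining = kept
        gaps.extend(remaining)
    return sorted(ipaddress.collapse_addresses(gaps))

if __name__ == "__main__":
    for gap in uncovered_ranges(ALLOCATED, SCAN_TARGETS):
        print(f"owned but not scanned: {gap} ({gap.num_addresses} addresses)")
    for stale in uncovered_ranges(SCAN_TARGETS, ALLOCATED):
        print(f"scanned but not in inventory: {stale}")
```

Swapping the arguments, as the second loop does, surfaces scanner targets that are no longer in your inventory, which is worth reviewing before the next scan runs.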
If you don’t know Flow, IDS, NSM, you’re looking at more than a Spring Cleaning — you may need a security remodel. In Part 2 we will look at how to pull up the rugs to clean, polish, and buff-out your organization's identity and access programs.
Vice President - Intelligence Operations at Optiv
10y: A refreshing and practical approach with very little of that fussy risk talk
Senior SDET specializing in Quality Engineering and Test Automation
10y: Great list Josh! Can't wait for the next two!!
Chief Information Security Officer at Jack in the Box + Del Taco, Global Technology Executive, Board Member
10y: Love this idea, Josh Lemos!