When it comes to diagnosing network security, most conversations center on common threats – DDoS, MiTM, SQL Injection etc. While these types of network security concerns are very urgent, and you should invest in diagnostic processes like penetration testing to prevent them, they aren’t the only type of security concerns your network admins need to worry about.
In this blog, we are going to highlight some of the lesser talked about yet just as critical network security concerns.
Dealing with BYOD
BYOD, or Bring Your Own Device, is the corporate platform of allowing employees to access company networks via their own devices – smartphone, tablets and laptops. The idea behind BYOD is simple: allow employees to access company information on their own device while also allowing employees to access their own personal data. The benefit here is work/life balance.
While this might prove beneficial for the employee, for the network security analyst, the idea of so many different types of devices all accessing company networks creates a huge security problem. The initial approach to this issue would be to focus on securing every type of device connecting to the network yet, with the sheer amount of devices on the market coupled with the ease of changing personal devices with often routine, this strategy seems near impossible.
As noted in the news, certain companies are taking the approach to monitor every device connected to their network by blocking specific apps communicating with the network. Some of these apps include camera, voice-activated personal assistants and data storage applications like Dropbox and Google Drive (for the obvious reason of probable data theft).
But again, sheer volume.
The second approach, and what seems to be the better approach, is to say the hell with each device and focus on the data. Instead of securing each device, smarter network engineers are centering their security concerns on the type of data each device communicates to the corporate network.
As the amount of data your corporate network has is finite, and more so as the amount of data anyone employee will need to access is even more finite, managing data access rather than device access, is a smarter bet with more strategic attainable goals.
By safeguarding data, the multitude of BYOD’s become irrelevant.
Power Supply
When we think about network security concerns, we tend to think about software, hardware, patches and various types of viruses. We don’t tend to think about the physical nature of what it takes to operate that network. We don’t think about the lifeblood of that network. That lifeblood being power.
While DDoS attacks keep network analysts up at night, does a power surge? What if, instead of compromising a network through SQL injection or advance persistent threat attacks, a hacking party decided to bring down your network through power spikes? Or what happens in case of a regional brown out?
We tend not to think about network security in terms of power consumption but those threats are just as real as DDoS and man in the middle attacks. To deal with power supply security concerns, make sure of the following:
- All mission critical network devices need to operate off uninterruptible power supply systems (UPS). UPS ensure when power is cut, mission critical devices are backed up and running on an auxiliary power source
- All mission critical network hardware and systems must have protocol in place to operate from a system of backup generators all linked into hardware UPS devices
- Redundant power supplies are mandatory across the network, for critical hardware
- Conduct power check and UPS monitoring on a routine basis to make sure power supplies will run as needed in case of a massive spike or brownout
Dealing with Physical Environmental Concerns
Another major issue which mostly goes unmentioned is the physical environment of data center network security. Sure, phishing attacks are a pain in the butt and worms can really screw up your network but what of the moisture content or the air flow in your data center? How about electromagnetic interference or unchecked fraying cables running the possibility of ignition?
We don’t talk about it but network environmental concerns are real. Here is a list of a few concerns and how to deal with them:
EMI, or electromagnetic interference
EMI, or electromagnetic interference, is an issue that centers on bad cabling practices. EMI occurs due to the natural occurring magnetism produced by electricity running through common network cabling lines – Cat6 is common. EMI is a concern because it carries with it the power to reverse the flow of data and power. To deal with EMI, make sure all cables are properly insulated.
Room Temperature.
Keeping a data center room too hot or too cold, too humid or too dry, can impact the overall performance and security of your network. With a more pure form of oxygen pumping into the room, temperature can impact the possibility of device sparking, long term hardware health and long term current transition. To deal with room temperature concerns, always keep DC temperatures at suggested network provider temperature.
Wire sparking.
This one is simple. Over the course of time your network cables will break down and fray. These fraying points, often happening at a connection point, can cause electric current to come in direct contact with pure oxygen resulting in data center fire. To keep wire sparking from happening, every three to six months network technicians should run a full diagnostic check on all network cables.
While these issues might not seem like network security issues, we would argue that the possibility of a fire or leak in your data center, effectively endangering all your network data, is a security issue.
Conclusion
Lesser known network security concerns need to be talked about and planned for just as much as more common security concerns. If you don’t plan for power issues, for environmental issues and for BYOD issues on top of viruses and common malicious traffic, you hold yourself at risk.
For this reason, ensure your network is secure by following the advice above. For more advice on network security, feel free to contact us.