Previously, I analyzed the risk of a cyberattack in financial services. This blog explores network infrastructure and proactive measures to take to keep the network secure.
While firewalls have been the cornerstone of network security for years, there are newer, much more capable devices now available. These next-generation firewalls (NGFWs) can serve as the first line of defense against malware (antivirus) and malicious intrusion through a technique called deep packet inspection. Each incoming data packet is analyzed and compared against a continuously updated blacklist of malware, with malicious data blocked from entry and logged for further preventative action. By no means are NGFWs intended to be the only malware protection for a firm; their value lies in providing an additional layer of security, stopping malicious attacks as far from data resources as possible.
Another important component of perimeter defense concerns distributed denial of service (DDoS) attack avoidance. DDoS is a common attack vector in which a hacker floods a firm's internet-exposed network with such a volume of data packets that legitimate activity cannot get through, effectively blocking access for customers. There is a class of network appliances that are purpose-built to sit in front of a firm's firewalls and rapidly filter DDoS packets to thwart such attempts.
Routers, the network devices that send data packets to and from endpoint devices, must be properly configured to restrict access to only those ports on which traffic is expected, and to forward pertinent data packets to only the designated applications, servers, or alternate endpoints.
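The port and destination restrictions described above can be checked mechanically. The following is an added example, not part of the original post: it audits a set of router forwarding rules against an allowlist of expected ports and designated destinations. The policy, the rule format, and all addresses are constructed for illustration.

```python
"""Audit router forwarding rules against an allowlist of expected ports."""
from ipaddress import ip_address

# Hypothetical policy: expected inbound (protocol, port) -> designated destination.
EXPECTED = {
    ("tcp", 443): "10.0.10.5",   # public web application
    ("tcp", 25): "10.0.20.8",    # mail gateway
}

# Constructed sample rules, as they might be exported from a router.
# dport is a single port, an inclusive "low-high" range, or "any".
RULES = [
    {"id": 1, "proto": "tcp", "dport": "443", "forward_to": "10.0.10.5"},
    {"id": 2, "proto": "tcp", "dport": "25", "forward_to": "10.0.30.9"},
    {"id": 3, "proto": "tcp", "dport": "8000-8002", "forward_to": "10.0.10.5"},
    {"id": 4, "proto": "udp", "dport": "any", "forward_to": "10.0.40.2"},
]

def ports(spec):
    """Expand a dport spec into a range of port numbers."""
    if spec == "any":
        return range(1, 65536)
    low, _, high = spec.partition("-")
    return range(int(low), int(high or low) + 1)

def audit(rules, expected):
    """Return (rule id, finding) for every rule that exceeds the policy."""
    findings = []
    for rule in rules:
        covered = ports(rule["dport"])
        # Ports the rule opens that the policy never asked for.
        unexpected = [p for p in covered if (rule["proto"], p) not in expected]
        if unexpected:
            findings.append((rule["id"], f"opens {len(unexpected)} unexpected port(s)"))
        # Expected ports that are forwarded somewhere other than the designated host.
        for p in covered:
            want = expected.get((rule["proto"], p))
            if want and ip_address(rule["forward_to"]) != ip_address(want):
                findings.append(
                    (rule["id"], f"port {p} forwarded to {rule['forward_to']}, expected {want}"))
    return findings

if __name__ == "__main__":
    for rule_id, finding in audit(RULES, EXPECTED):
        print(f"rule {rule_id}: {finding}")
```

Rule 1 matches the policy and produces no finding; the other three are flagged for a wrong destination, an unexpected port range, and an any-port rule respectively.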
Wireless access points should be configured with the highest level of encryption, and the network should be monitored to ensure that individuals do not set up rogue, ad-hoc hotspots. Guest, non-employee, and non-authenticated access to the network can be allowed, but only through a virtual LAN (VLAN) construct that permits access only to the external internet, with no access to local network resources.
All network appliances should have their firmware updated frequently, to ensure that known vulnerabilities are patched. The Common Vulnerabilities and Exposures (CVE) database lists the identified exposures by vendor, product, and software version.