
Enterprise Management - Network Security Threats | Optiv

April 02, 2010

I visit lots of customer sites each year and see many security-related commonalities amongst them. At the top of this list, from a network security perspective, is the lack of attention paid to enterprise patch management and enterprise configuration management.

For better or for worse, Microsoft has taught the industry to patch once a month. But most of Microsoft’s patches released on this monthly cycle deal only with the various Microsoft Operating Systems and fail to address vulnerabilities in primary or secondary applications or services such as Exchange, SharePoint, IIS, etc. Due to this type of release cycle, and a lack of self-education on the part of the administration staff, many organizations are failing to effectively patch the technologies and applications that lie on top of their Operating Systems, such as Oracle databases and desktop applications like Adobe Acrobat. Without a comprehensive patch management program, organizations continue to have significant gaps in their security based on missing patches.

Honestly, enterprise patch management doesn’t have to be a problem. Just recently, Microsoft released their new patch management solution, which provided better flexibility to manage patches at the desktop and secondary application level. Additionally, there have been solutions available on the market that enable organizations to effectively maintain operating system patches for not only Windows but other operating systems such as Linux and Unix, as well as primary and secondary functioning applications like SQL servers, MS Office and the various Adobe products. Some even go as far as providing better support for pushing antivirus updates. Many of these solutions also provide the capabilities companies need to maintain consistent hardware configuration settings.

Just as enterprise patch management is a fixable issue, so is network enterprise configuration management. From a hardening procedure standpoint, organizations spend a lot of time creating their standard system build image and forget to come back and update that image on a regular basis. A solution that was effective six to 12 months ago will not be effective today, and it will leave a network vulnerable. Standards change and the Internet is not static. Therefore, it’s important for companies to pay attention to ongoing maintenance of standards and policies and make ongoing changes as appropriate.

As you can see, when it comes to network security the people and processes are just as important as the technology - maybe even more so. I strongly believe that the biggest potential mistake administrators and/or companies can make is not educating their users.

The majority of recent attacks faced by Twitter and Google are directly targeting the employees and users of corporate networks. Companies that haven’t taught their users the basics of what to avoid can pretty much assume they’re going to get infected by the next big infestation/attack, especially when you couple that with legacy technologies like Internet Explorer 6 as the standard browser they are required to use. Providing ongoing user awareness training and seminars that include real world examples and scenarios is the best way to educate users on their requirements to help keep the environment as secure as possible.

Companies also need to focus more on using the right resources for the right initiatives. A common mistake that I’ve seen over the past two years happens when an organization buys a Web Application Firewall (WAF) and leverages network operations personnel to implement and maintain the system. Unfortunately, they will find out the hard way that they are using the wrong resources. A WAF requires detailed knowledge of the Web environment and application infrastructure, which many network operational professionals do not have. Based on a strong understanding of Web applications, an application level professional or developer would be a better choice for ongoing maintenance of this type of technology - at least from a policy and technology enforcement perspective.

I’d love to hear about the changes your company has made to harden network security. Let me know!
