February 2015 — Property Management Quarterly —
Page 21
O
nly four out of the 783 data
breaches that were reported
in 2014 sawmore than 83 mil-
lion records exposed. All of
these attacks, big and small,
were carried out to make a public point
about the company, to gain financially,
to steal intellectual property or to use
the company’s network to attack other
companies.The one thing that all 783
attacks had in common was the lack of
comprehensive security solutions.
Attacks are happening every day.
Some will be successful and some
unsuccessful. It all depends on how
you look at network security, the tech-
nology you deploy, the policies and pro-
cedures you develop and the technical
resources providing your support.
No matter what the motive is for an
attack, the outcome is always the same.
Records get compromised or leaked,
there is a financial impact to the com-
pany and, most of all, the company’s
reputation is damaged.
If property managers only offer their
tenants Internet service as a provider,
similar to Comcast or Century Link,
then it’s up to the tenants to provide
all the needed security. But if property/
facility managers
offer some kind of
firewall or security,
which some do, the
managers become
liable.
Firewall and secu-
rity devices.
With
the different attack
vectors, including
direct attacks, social
engineering attacks
or compromised
websites, a standard
firewall will only
protect so much.This is when property
managers must look at other security
devices to complement a firewall, such
as a unified threat management fire-
wall, content filtering,Web application
firewall or intrusion detection systems/
intrusion prevention systems.These
technologies will help protect users
and their information.
A UTM firewall offers the conve-
nience of several security solutions
integrated into a single platform.This
technology is one of the increasing
trends in network security today to pro-
vide the protection needed to decrease
the risk of a data breach while control-
ling the total cost of ownership.
A common trend in firewall imple-
mentation is to allow all outbound
traffic from the internal corporate
network to pass without inspection
or validation.When trying to provide
security, it is imperative to understand
what is leaving your network and why.
An example would be if a workstation
becomes compromised or infected,
but that workstation is still allowed to
talk outbound to the Internet without
inspection. If this happens, it could
then go back to the hacker’s server,
which would allow the hacker to gain
command and control.When you limit
what outbound traffic is allowed, you
will block most connections back to the
hackers.
Configuration and monitoring.
Miscon-
figured devices or default configura-
tions are still some of the biggest
threats to a network. More attacks are
successful and compromise networks
or devices because of a misconfigura-
tion on a device or default configura-
tion left on a device.When setting up
security devices, it is best practice to
change all default accounts, passwords
or configurations. (There are websites
available for hackers that list devices
that have default configurations.)
Network monitoring.
Monitoring net-
work traffic to determine what is mali-
cious activity is a full-time job. Most
organizations struggle here for sev-
eral reasons, including lack of skilled
resources, lack of policies and proce-
dures, and lack of sufficient technology
to understand what is happening in
their environment.
Without proper monitoring or report-
ing of the security devices, property
managers will have blind spots, which
is a major risk. If the firewall is not
monitored for drop connections, an
infected workstation will go undetected
and can call out to the hacker’s server
to allow the hacker to gain control.The
monitoring of a network is one of the
greatest tools that you can use.
Regular-risk assessments.
A lot of
companies fall into a false sense of
security when they implement the lat-
est security devices. Often they believe
they are protected and nothing else
needs to be done.The problem is that
attackers are always creating newways
to gain access. Another best practice
that is trending is to have a regularly
scheduled risk assessment.
When having security assessments
preformed, all network-connected
devices should be tested to see if the
testers can gain access to the devices.
Additional services, such as social
engineering, are important and need
to be considered in the assessment. If
an attacker can socially engineer one
employee to open access through the
firewall, all users are at risk.
Once the risk assessment is complet-
ed, managers will get a report of the
vulnerabilities or risks to the network
and hosts.There are reputable compa-
nies that can provide extra security.
I have touched on different areas, but
the one thing to remember when offer-
ing security to your users is that they
trust you to protect them from attack-
ers. How you protect them says just as
much about you as how you manage
the property. A data breach will make
the news and names will be printed.
Don’t let this happen because of a mis-
configured device or a poorly planned
security device.
s
Technology Trends
William Hoffman
Principal/senior
security specialist,
Think Security,
Aurora
Many organizations struggle
with network monitoring for
these common reasons:
• Lack of skilled resources
• Lack of policies and proce-
dures
• Lack of sufficient technology
to understand what is happen-
ing in their environment.
Common security
challenges
Notable 2014 data breaches
included:
• JPMorgan Chase & Co.
• Sony
• Staples
• AT&T
• Chick-fil-A
• National Oceanic and Atmo-
spheric Administration
• Department of Homeland
Security contractors
• U.S Postal Service
• eBay
Examples of data
breaches in 2014
