Configuration Ports in the Cyber Security Strategy
By Tom Kearns 
Configuration ports on critical and non-critical cyber assets are important but often overlooked in the overall cyber security strategy. Virtually all electronic devices with communication capability have configuration ports, and these ports present an extremely high set of privileges that can be used to change almost anything on the target device. Failing to secure these ports results in a significant security risk.
Unfortunately, configuration port security is a commonly misunderstood area of cyber security. Security guidelines often provide broad statements such as “all ports should be either secured or disabled,” which obviously includes configuration ports. However, configuration ports should not be disabled as they are the default emergency access point for every IT device. Instead, they must be effectively secured.
To help businesses understand the importance and relevance of configuration ports to cyber security, TDi Technologies has produced a whitepaper on “Closing the Security Gaps” involving configuration port security. This whitepaper is intended to provide useful and educational content that can assist companies in maintaining a secure and reliable IT infrastructure.
This free whitepaper is available for download at the following location: Closing the Security Gaps: Securing Configuration Ports.
Automating Baseline Configuration Management
By Tom Kearns
What is Baseline Configuration Management (BCM)? The devices comprising a business’s IT infrastructure store all kinds of configuration information, from functional settings to software versions to various other records and files. Most companies devise a configuration policy which defines how devices should be configured and how configuration changes should occur. However, in many cases the companies do not have the tools needed to confirm that devices are conforming to the policy.
This is where BCM comes in. The baseline configuration is a snapshot of the configuration settings at a specific point in time. The configuration settings defined as the “most secure” state of an asset can then be used as a baseline for comparison. Baseline Configuration Management involves periodically retrieving the configuration of the asset and comparing it to the baseline.
Not managing the baseline represents significant risk to the business. The best way to understand the importance of BCM is to recognize that any device that does not have the proper configuration has a security vulnerability that can be exploited.
Unfortunately, many companies perform BCM as a manual activity, meaning that it is expensive, time-consuming, and prone to errors. At TDi Technologies, we solve this challenge with a device and platform agnostic approach to BCM that considerably simplifies the work involved. The ConsoleWorks solution completely automates this process, from retrieving the configuration, comparing against the baseline, alerting on changes, to identifying where changes have occurred.
For more information on Baseline Configuration Management, download the free whitepaper: Baseline Configuration Management: Closing the Security Gaps
For information on Baseline Configuration Management specific to the Utility sector, download the free whitepaper and solution brief on our NERC-CIP & Smart Grid Solutions page.
Privileged Access Management with ConsoleWorks
By Tom Kearns
What is Privileged Access Management? Privileged access management is a specific subset of access management where the interfaces being managed have a very high level of privilege associated with them. One of the most common examples of a privileged interface is an account on an operating system.
Privileged access occurs every day – for example, to manage business operations (typically in-band access at the operating system) and to support IT operations (typically out-of-band access at the configuration port). Both in-band and out-of-band groups are accessing interfaces with extremely high privileges where mistakes can directly result in service disruption, compliance failure, and data breaches. They both need to be effectively managed to prevent security risk to the business.
ConsoleWorks offers organizations a single tool that can manage all privileged access in the organization. From operating systems to configuration ports, ConsoleWorks can control access, enforce permission models, and record (down to the keystroke) all privileged user activity for virtually any asset in the IT infrastructure.
Get the Solution Brief to learn more about privileged access management and the ConsoleWorks unified in-band and out-of-band solution.
Tags
Access Control Audit Automation Best Practice Change Management Compliance Configuration Configuration Ports Cyber Asset Cyber Security Detect Event Detection Event Lifecycle Management Events Forensic Records Healthcare HIPAA IEM Isolate IT Foundation IT Infrastructure IT Operations Log Files Monitoring MTTR NERC-CIP Out-of-Band Patching Patterns PCI Persistence Privileged Interfaces Privileged User Real-Time Records Remediation ROI Root Cause Security Security Risk Simplifying Work Solaris System Administrators Utilities Virtual Machine-
More Blog Posts
-
Plano, TX August 30, 2010 – TDi Technologies, the leader in IT Foundation Management, today unveiled new innovative Cloud Services for SMB Healthcare providers. The
-
By Pam Johnson TDi Technologies recently released three whitepapers on NERC-CIP that have proven to be extremely valuable to the Utilities industry at large. These
-
By Tom Kearns What is su? In Solaris server environments the su command (switch user) is often used to switch ownership of a login session
-
