Configuration ports on critical and non-critical cyber assets are important but often overlooked in the overall cyber security strategy. Virtually all electronic devices with communication capability have configuration ports, and these ports carry an extremely high level of privilege that can be used to change almost anything on the target device. Failing to secure these ports results in a significant security risk.
Unfortunately, configuration port security is a commonly misunderstood area of cyber security. Security guidelines often provide broad statements such as “all ports should be either secured or disabled,” which obviously includes configuration ports. However, configuration ports should not be disabled as they are the default emergency access point for every IT device. Instead, they must be effectively secured.
To help businesses understand the importance and relevance of configuration ports to cyber security, TDi Technologies has produced a whitepaper on “Closing the Security Gaps” involving configuration port security. This whitepaper is intended to provide useful and educational content that can assist companies in maintaining a secure and reliable IT infrastructure.
This free whitepaper is available for download at the following location: Closing the Security Gaps: Securing Configuration Ports.
What is Baseline Configuration Management (BCM)?

The devices comprising a business’s IT infrastructure store all kinds of configuration information, from functional settings to software versions to various other records and files. Most companies devise a configuration policy which defines how devices should be configured and how configuration changes should occur. However, in many cases the companies do not have the tools needed to confirm that devices are conforming to the policy.
This is where BCM comes in. The baseline configuration is a snapshot of the configuration settings at a specific point in time. The configuration settings defined as the “most secure” state of an asset can then be used as a baseline for comparison. Baseline Configuration Management involves periodically retrieving the configuration of the asset and comparing it to the baseline.
Not managing the baseline represents significant risk to the business. The best way to understand the importance of BCM is to recognize that any device that does not have the proper configuration has a security vulnerability that can be exploited.
Unfortunately, many companies perform BCM as a manual activity, meaning that it is expensive, time-consuming, and prone to errors. At TDi Technologies, we solve this challenge with a device- and platform-agnostic approach to BCM that considerably simplifies the work involved. The ConsoleWorks solution completely automates this process: retrieving the configuration, comparing it against the baseline, alerting on changes, and identifying where changes have occurred.
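The retrieve, compare, alert and locate cycle described above can be sketched in a few lines. This is an added illustration, not ConsoleWorks code or anything from TDi Technologies; the `key = value` config format, the volatile-line patterns, and the device name are constructed assumptions.

```python
import difflib
import hashlib
import re

# Assumed patterns for lines that differ on every retrieval and are not policy.
VOLATILE = [re.compile(r"^\s*#"), re.compile(r"^(uptime|last_saved)\s*=")]

def normalize(config_text):
    """Drop blank/volatile lines and trailing whitespace before comparing."""
    stripped = (raw.rstrip() for raw in config_text.splitlines())
    return [l for l in stripped if l and not any(p.search(l) for p in VOLATILE)]

def fingerprint(lines):
    """SHA-256 of the normalized config: a cheap 'did anything change' check."""
    return hashlib.sha256("\n".join(lines).encode()).hexdigest()

def compare_to_baseline(baseline_text, current_text):
    """Return drift findings as (kind, line_no, old_lines, new_lines).

    line_no is the 1-based position in the normalized baseline.
    """
    base, cur = normalize(baseline_text), normalize(current_text)
    if fingerprint(base) == fingerprint(cur):
        return []
    kinds = {"replace": "changed", "delete": "removed", "insert": "added"}
    matcher = difflib.SequenceMatcher(a=base, b=cur, autojunk=False)
    return [(kinds[tag], i1 + 1, base[i1:i2], cur[j1:j2])
            for tag, i1, i2, j1, j2 in matcher.get_opcodes() if tag != "equal"]

# Constructed sample data: the approved baseline and a later retrieval.
BASELINE = """# device: lab-switch-01 (constructed)
last_saved = 2024-01-10T08:00:00
console_port.auth = required
firmware = 4.2.1
telnet = disabled
"""
CURRENT = """# device: lab-switch-01 (constructed)
last_saved = 2024-03-02T14:31:07
console_port.auth = none
firmware = 4.2.1
telnet = disabled
snmp.community = public
"""

if __name__ == "__main__":
    for kind, line_no, old, new in compare_to_baseline(BASELINE, CURRENT):
        print(f"ALERT {kind} at baseline line {line_no}: {old} -> {new}")
```

Normalizing before hashing matters: without it, a changed save timestamp alone would raise an alert on every retrieval and bury the real drift.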
For more information on Baseline Configuration Management, download the free whitepaper: Baseline Configuration Management: Closing the Security Gaps.
For information on Baseline Configuration Management specific to the Utility sector, download the free whitepaper and solution brief on our NERC-CIP & Smart Grid Solutions page.
What is Privileged Access Management?

Privileged access management is a specific subset of access management where the interfaces being managed have a very high level of privilege associated with them. One of the most common examples of a privileged interface is an account on an operating system.
Privileged access occurs every day – for example, to manage business operations (typically in-band access at the operating system) and to support IT operations (typically out-of-band access at the configuration port). Both in-band and out-of-band groups are accessing interfaces with extremely high privileges where mistakes can directly result in service disruption, compliance failure, and data breaches. They both need to be effectively managed to prevent security risk to the business.
ConsoleWorks offers organizations a single tool that can manage all privileged access in the organization. From operating systems to configuration ports, ConsoleWorks can control access, enforce permission models, and record (down to the keystroke) all privileged user activity for virtually any asset in the IT infrastructure.
Get the Solution Brief to learn more about privileged access management and the ConsoleWorks unified in-band and out-of-band solution.