Cybersecurity best practices network administrators should know

Cybersecurity best practices network administrators should know
It’s obvious that more and more devices, including IP cameras and NVRs, are online today. While the data they generate can help end user in various areas, they are also subject to cyberattacks and other vulnerabilities that may endanger the end user organization. In this regard, how to maintain the security of the network has become a megatrend and a top priority for network administrators, who can be assisted with device management software.
 
That was according to a recent blog post by Axis Communications. “Network administrators are under significant and increasing pressure to make sure their networks are designed and operated securely. So it is important that they have the right knowledge and tools to manage cybersecurity throughout the life cycle of the system,” it said.
 
What the post suggests as the cybersecurity best practices specific to managing network devices, as well as how device management software can help, are summarized as follows.
 

Keeping a complete device inventory

 
According to the post, a fundamental aspect of ensuring the security of an enterprise network is maintaining a complete inventory of the devices on it. “That is because any single overlooked device can be a means of entry for attackers,” it said. “Device management software gives network administrators an automated means to gain access to a real-time inventory of network devices. It lets them automatically identify, list and sort the devices on a network. As important, it lets them use tags so that they can group and sort devices based on criteria that suit a business’s unique requirements.”
 

Account and password policy

 
Authentication and privilege control are important parts of protecting network resources, and device management software can also help in this regard, the post said. “Device passwords tend to be shared within an organization. For example, employees occasionally need to adjust, optimize or troubleshoot a camera. The whole organization may eventually know the camera password which could result in deliberate or accidental misuse,” it said. “One way of addressing this issue is to create a multi-layered system of accounts with varying privilege levels, creating temporary accounts to grant temporary access as required – instead of sharing a single account. This would be a time-consuming process to handle manually, but device management software lets you easily manage these multiple accounts and passwords.”
 

Protecting against new vulnerabilities

 
According to the post, new vulnerabilities are continuously being discovered, and responsible manufacturers will release firmware to counter known vulnerabilities. It is then essential to always update quickly once this firmware becomes available. “The larger the network, the more effort it will take to update all your devices. Axis field tests revealed that on a network of 200 cameras, upgrading the firmware using a manual web interface would take 1,000 minutes compared to just 10 using device management software,” the post said. “In addition to the time saved, automatic notifications of new patch releases help ensure that the software is updated promptly – minimizing your network’s exposure to attack.”
 

Cost-efficient HTTPS management

 
Video systems may be subject to policy or regulations that require encrypting traffic, and there may also be a threat of spoofing, where a malicious computer on the network tries to impersonate a network device, the post said. “These threats are countered with HTTPS, which uses certificates, and the vast number of cameras can make the management costly in both deployment and lifecycle maintenance,” it said. “Device management software can reduce this cost to a fraction. They can act as a local certificate authority (CA) for cameras. By installing the root certificate in the VMS server it will ensure that the VMS server can detect if it is accessing a legitimate camera or not.”


Product Adopted:
Other


Share to:
Comments ( 0 )