How important to you and your company is it to prevent cyber criminals from attacking your network and exploiting vulnerable services and settings? If you are not actively implementing and managing a security configuration of network infrastructure devices, you need to read this.
CIS Control 11 is next up in The IT Company’s CIS Controls blog series!
Secure Configuration for Network Devices such as Firewalls, Routers and Switches is the official title of CIS Control 11. The Center for Internet Security, defines this control as “Establishing, implementing, and actively managing the security configuration of network infrastructure devices, using a rigorous configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings.”
So what exactly does that look like for a company? Essentially CIS Control 11 is taking every network device configuration and comparing them to different approved security configurations that have been defined for each of the networks in use. Then in order to have this information be beneficial, there should be an automated alert when there are any deviations found between the network device configuration and the security configuration.
When cyber criminals attack, they are in desperate search for any small gap they can get in. The attacker looks for any vulnerable default settings, inconsistency in firewalls, routers and switches. If they are able to find any, they use these as a defense in order to exploit these gaps. Which then allows them to gain access to private networks, have capabilities to redirect the traffic on a specific network, as well as interfere with information coming in. By having such power through these flaws, the attacker is then able to access data on the network and make changes. This can even give the attacker enough power to pose as another trusted system on the network.
In addition to this comparison between the network device configuration and the security configuration, CIS Control 11 also takes on the responsibility of managing all network devices. The management of network devices here is done by the usage multi-factor authentication and encrypted sessions.
There is a high priority on not just implementing CIS Control 11, but constantly managing it. All configurations as well as all allowed traffic flows, must be scanned regularly, in order to have CIS Control 11 be integrated in its fullest capacity.
The main reason that CIS Control 11 is critical to you and your company is because of the lack of maturity default configurations have in terms of security. Most commonly, manufacturers and resellers primarily steer toward appealing to customers through the ease of usage, rather than security. Consequently, the configurations for these network infrastructure devices, reflect just that- leading to major exploitable material on the devices. “Open services and ports, default accounts or passwords, support for older protocols, and pre-installation of unneeded software” are all vulnerable and at risk of exploitation when left in their default configuration.
If you ask any IT company or anyone in the technical field, it is highly likely they will share the importance of CIS Control 11 and how dangerous it can be if there is a lack of security in this perspective.
Trust us at The IT Company when we say this is not something you want to take lightly. The implementation and continual management of network configurations is vital.