The Best Technology is Still no Match for Human Errors in Network Security

Whether it's manual configuration errors being botched, a slip in forgetting to lock up physical access to the racks or failing to do sufficient testing before deploying a new application, the best network security technology simply can't protect against human error, which is still a leading cause for breaches. By

Whether it's manual configuration errors being botched, a slip in forgetting to lock up physical access to the racks or failing to do sufficient testing before deploying a new application, the best network security technology simply can't protect against human error, which is still a leading cause for breaches.

By Chris Talbot

Configuration errors are the number one factor for human error causing a network security breach, Mav Turner, director of strategy for SolarWinds' security portfolio, told FierceEnterpriseCommunications in an interview. Turner indicated that when he talks to customers about configuration errors, it resonates very strongly.

Related: Why Everybody Loves (And Hates) Security

But sometimes simple mistakes or a lack of knowledge about other aspects of security open the network up to attacks. For instance, physical security is a huge problem, Turner said. It's a topic most IT security professionals aren't very familiar with, but once someone with malicious intent has access to devices, whether they're in a wiring closet on premises or in a data center, causing damage or stealing data is a trivial exercise, he said.

Having some physical security understanding can help to protect against such unwanted access, Turner said.

Another common issue is making any change necessary to resolve a network outage. When everyone in an organization is screaming that the network is down, network administrators frequently take any action to get the network up again, even if that means removing elements of security, Turner explained.

Related: The Sky Isn't Falling in IT Security as Some Might Suggest

"The goal from a network perspective is to maintain uptime and ensure availability of service. Security comes second to that," Turner said. Being able to do both is difficult at the best of times, and nearly impossible when all hell is breaking loose.

For top security, though, all changes need to be validated to make sure no security holes are created. Each change should be tested, but the reality is many changes are made on the fly to ensure availability, sometimes resulting in a security layer that looks like Swiss cheese, Turner said. The same happens in deploying new applications.

"If at all possible when you're deploying new applications, make sure you have a testing phase built in," Turner said.

Related: How Cloud is Getting Security Right

The easiest way to ensure network security, though, is to standardize configurations and policies across the entire network and monitor for anomalies, Turner said. Adding as much automation as possible also ensures the network stays secure.

"Assume that it's not secure, and then do everything you can to secure it," Turner said.

comments powered by Disqus

What's New