It’s all too easy to overlook the role that network ports play in business. Many people just view them as access points to the corporate network, with many being unaware of the potential security threats they represent.
This misconception is a challenge facing many IT professionals as they look to find a way to protect their business from port security threats.
In today’s IT enterprise, ports take two forms: the physical plug port i.e. the hole in the wall or the piece of IT equipment such as the router or computer, or the more ethereal network port, granting virtual access to different areas of a network.
Whilst there are benefits to both types of ports, it’s important to remember both forms pose a security risk.
No business expects all of their employees to be totally aware of all the security risks and pitfalls of the network. However, a basic understanding is essential in today’s IT enterprise.
Having said that, parallel to this businesses are implementing policies to streamline work processes, minimise disruption and maximise productivity. Subsequently, a plug and play ethos has been fostered which has permeated the modern workplace. Although this means more work gets done, it also means employees spend less time thinking about what they are plugging into or wirelessly connecting to – constant connectivity is expected with the assumption that everything is secure.
Employees need to realise that just because they’re in an enterprise environment, their IT isn’t automatically secure. For example, technology is shrinking and what were once innocuous pieces of technology such as power and internet adapters, are now capable of harbouring malicious technologies which can read communiqués or even hack into systems. People often make the mistake of plugging their hardware into these physical access ports without giving it a second thought, which can have devastating results.
The importance of network port security
It’s easy to see how physical ports can come unstuck, but what about those granting network access and remote connections? The reality is that these are equally vulnerable if left untended and can potentially have more fatal consequences given the ethereal nature and potential reach of the networks they gate keep.
Today, many businesses separate their guest and corporate networks to isolate what employees can access and what guests can access. However, not all organisations have the right security in place to prevent cross over between the networks. This can sometimes lead to outsiders accessing potentially sensitive corporate data through the guest network.
Similarly, employees on corporate networks, sometimes also find themselves with the ability to access networks, which contain financial or personnel data.
Port security best practice
To overcome this, businesses need to use a combination of walled garden and authentication technologies such as 802.1x to ensure the right people have access to the right areas. Port layer authentication technology will act as a safeguard so only approved people can access a network. Yet, it’s important that the application layer authentication is also implemented at the same time to ensure they only access what they have clearance to do so.
Similarly, when looking to secure guest networks, businesses need to ensure they have no special access to the internal network and require basic authentication to join. In most cases, companies should treat it the same way as they would open traffic from the Internet. And if they need to grant access to internal resources, they should make sure to segment these resources from other parts of the network.
For such a small and seemingly innocuous piece of technology, port security is a topic of great importance and IT pro’s need to take multiple steps to protect against port security threats. In order to safeguard the network, it’s not just a case of having the right technologies in place; it’s also about educating the workforce of the risks plugging into insecure ports pose.
Image source: Shutterstock