Ruckus has just published a new e-book titled “Seven Network Access Security Risks—and How They Can Lead to a Data Breach.” It focuses on faulty network access security as a risk area that can lead to data compromise. As the title implies, this e-book outlines seven distinct risk areas that IT organizations should be aware of, especially when it comes to providing connectivity for BYOD and guest users.
As detailed in a previous Ruckus blog, “What’s wrong with PSKs and MAC authentication for BYOD?”, default methods of network onboarding and authentication have serious security flaws that can leave you open to data compromise. These security holes get less attention than more high-profile threats like ransomware, but the dangers are still very real. Sometimes it’s the attack surface that you aren’t thinking about that attackers seek to exploit.
Linking IT security risk areas to the potential for a data breach
Sometimes the link between a threat vector and the risk of data compromise is obvious. Keylogging malware tracks a user’s every keystroke, including when they type in their username and password for cloud-based business applications. Email phishing attacks compromise credit card numbers or other sensitive data by tricking users into entering them into a website that spoofs a legitimate site. Misconfigured cloud storage can leave sensitive data just hanging out there on the web for attackers to steal. All of those are obvious ways that attackers can get at your data.
Network access security is a category where the linkages may be less obvious. The point of the new e-book is to help clarify the connection between this risk area and a potential breach. It’s a highly accessible way to increase your knowledge of this often-overlooked area of the IT security domain—a five-minute read covering an underestimated attack surface in modern IT environments. This document can help you keep other stakeholders in your organization informed about the risks as well, so feel free to pass it along. We should emphasize that no registration is required to access the e-book—just read and enjoy.
Here’s just a taste of one of the seven ways that poor network access security maps to data compromise. Risk area number four in the e-book is that without proper controls in place, users can get broader access to network resources than is appropriate. Proper data governance requires access to resources on a need-to-know basis. You might be wondering what would constitute proper controls in this context—you’ll find the answer to that in the e-book. Another recent Ruckus blog, titled “Eastern Europe bank hack highlights the need for network access security,” also provides useful background on this aspect of secure access.
More thoughts on data compromise
We blogged last year about the definition of a data breach. Ten or fifteen years ago data breach events were much less common than they are today. These days, it seems as if major breaches occur all the time. Krebs on Security and CyberScoop are two great websites to follow if you are interested in this topic.
Not every malicious attack represents an attempt to steal sensitive data—for example, crypto-mining malware seeks to steal computing resources for monetary gain. A denial of service attack tries to bring down a system, website or network. Likewise, not every data breach is caused by malicious activity. Sometimes data compromise happens due to human error. But preventing data breaches caused by malicious attackers is the primary driver of a large portion of the IT security industry.
Dark Reading reported recently on a security breach study from Risk Based Security that found 2018 was the second most active year on record in terms of the number of data breach events. They counted over 6,500 breaches in 2018, the large majority categorized as “hacking.” Several of the network access security risks outlined in the new Ruckus e-book would seem to fall into this category—although a lot of other attack scenarios would also fit that description.
Conclusion
If you would like to dive deeper into risk areas related to network access security, you can have a look at the recent ESG white paper “Does Your Method for BYOD Onboarding Compromise Network Security?” You can access this in the form of a dynamic website or go straight to the PDF version. When you are ready to address some of the security issues described in the e-book and the white paper, Ruckus Cloudpath Enrollment System is definitely worth a look. It’s our SaaS/software for secure network onboarding, and it’s a great way to shore up your defenses with strong network access security.