Sooth Network Management Automation Prevents Security Breaches
Sooth, Inc.
There's an easy way to catch every accident when something goes wrong on a network. Just show up every time there is either:
Security Breaches
Industry reports vary between 60% and 90%, but it is safe to say that more than 60% of all security breaches and network outages are the result of human actions. Most actions are non-malicious, but the results can certainly be devastating. Interestingly enough, industry reports also find only 8% of breaches to be purely technical failures. The inherent conflict in these statistics indicates a higher level of breaches due to human actions. Many breaches go unreported. Amazingly, with all our complicated and expensive security measures and change control practices, the IT industry STILL cannot help breaking things it touches on a regular basis.
Sooth network management automation prevents these breaches and outages through applied common sense. Sooth establishes control over change and human interaction with your Cisco® network and prevents unauthorized activities. More importantly, Sooth automations eliminate reasons for IT staff to directly touch a Cisco® device on your network. This single, simple idea drives enormous improvements: what a human being can't touch, a human being can't break.
The beauty of the Sooth network management automation is that after it is configured for a specific network and plugged in, it does the majority of the required work. Like network technicians “in a box”, Sooth’s solutions absorb the majority of network management tasks for a Cisco® network. Certainly this reduces the effort required to manage networks, but by limiting human involvement, most common errors are prevented from occurring. It does so by eliminating opportunities for “work-arounds” or short-cuts and only accepting best practice behaviors by network technicians. Once network device configurations are established, the configurations are "locked down" by Sooth's automations and don't require attention unless the device fails. A Sooth managed network enjoys vastly improved security and performance. A Sooth managed network is also a highly compliant network, whether the compliance need is Sarbanes-Oxley, Payment Card Industry (PCI), HIPAA or others.
To illustrate how humans can make mistakes that can (and do) enable security breaches, consider the following situation that can occur in almost any organization. Users in a department call the Help Desk and notify them that they can’t access a server, or the Internet or their email, etc. After a few qualifying questions, the Help Desk files a ticket that immediately notifies Network Management. Ten minutes pass and now the Department VP gets involved. “I don’t care what it takes, get it fixed now”, he justifiably demands.
Network Management sees the problem: a failed device (a switch or a router for instance) and begins remediation efforts immediately. They find a replacement device and send out a technician to replace the failed device as this is the quickest method to bring the network back up. Ten more minutes pass. The technician locates the failed device and deactivates it to shut it down. To fix the problem quickly, rather than troubleshoot the device, the technician decides to replace the device with the spare. He gets a call from Network Management to let him know that the VP is calling again and another problem has occurred two floors down.
The technician makes an “executive decision” and installs the device, but uses the default credentials and configuration to make it happen quickly. He’ll be back to fix it “just as soon as he’s done downstairs”. He quickly brings the device back up with the default credentials, checks to see if the Department has access, and literally runs downstairs thinking “I’ll run right back and install the proper credentials after I put out this fire”. Unfortunately, the next problem is much bigger and takes all evening to fix, and he forgets about resetting the defaults. Since the problem is fixed, the help desk confirms with the users and closes the ticket, but all the work isn't really done. The default credentials and configuration remain on the device. Hackers now have a way in.
It can happen today, tomorrow or next year and it can happen in any organization.
A breach will happen unless these types of failures are prevented. It's only a matter of time.
Sooth’s network management automation prevents this and many other types of human errors from occurring. Because it applies and enforces best practices that do not allow this type of error to occur, the default credentials in this example would never have been allowed. The device would have been ignored, the users would not have access and the technician would have had to do his job correctly before moving on to the next task.
“Wouldn’t it take longer to fix the next problem?” Possibly, but avoiding the breach and having the network configured to best practice and/or required specifications is far better than a few minutes' delay. Besides, once the best practices become automated, fewer and fewer problems will surface. Having proper credentials and being able to demonstrate this fact is also a business requirement for many standards/regulations such as Sarbanes-Oxley, HIPAA or PCI. Risk managers can mark one area off their many lists of concerns.
The benefits of automation also help organizations avoid many other types of risks. A Sooth managed network will prevent unauthorized users from logging into a network without approved login credentials. A failed attempt will result in no second attempt. Sooth automation will isolate the suspicious attempt, notify the Network Administrator and prevent a second attempt. This totally prevents “dictionary attacks” by ignoring subsequent attempts after a failed attempt. Users will have to be more careful, just like the technician above, but security will remain intact.
Of course, network changes must be allowed as the organization or the structure of the network changes. SUPERVISOR™ becomes the “army” of technicians needed to accomplish tasks with incredible savings in both cost and time. However, it is also true that these technicians only execute changes according to best practices. For instance, work may only be executed during a declared maintenance window. From a process standpoint, SUPERVISOR™ always starts the job from the same point, always controls the execution to provide the highest degree of safety to the network as a whole, and always performs post-configuration duties. In fact, the process SUPERVISOR™ uses is so compliant with best practices that even if a malicious configuration change somehow made it through the two-step approval process and caused a failure at any point in the network, the affected device would automatically be returned to its previous, compliant, working configuration, the action would be noted in the log, and the administrator would be notified of the action. Once installed, SUPERVISOR™ immediately becomes an “irreplaceable employee” to run networks securely, safely and efficiently.
Automation solutions from Sooth will deliver instant results in efficiency, performance, security and compliance, like technicians “in a box” 24x7x365.
©Sooth, Inc. 2009 All Rights Reserved
Sooth, Inc. has developed sophisticated automation technology to automate tier 1 and tier 2 network management tasks for Cisco® networks while applying best practice standards, methods and procedures to take control of most aspects of network management. Sooth’s products SEER™ and SUPERVISOR™ are patent pending. For more information, please see www.sooth.us.