Download there`s no “i” in secure network: user-based

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
Document related concepts
no text concepts found
Transcript 
INFO & INSIGHTS
THERE’S NO “I” IN
SECURE NETWORK:
USER-BASED ACCESS
POLICY IS A TEAM EFFORT
Today’s cyber attackers have proven themselves far more capable and committed, stopping at nothing to access the pools of valuable data that uphold the integrity and reliability of your business. To maintain a strong security posture and prevent cyber breaches,
leverage user-based access controls to safely enable the applications and technologies
required to drive your business forward. User-based access controls significantly improve
network visibility by mapping network traffic to specific users, rather than IP addresses,
and offer several features to both protect your network and help block potential threats
at every stage of the typical attack lifecycle.
• Access controls can be applied to ensure that only valid, approved users can access
necessary assets and data. Note, however, that legitimate users are not threat-free.
Threat prevention should also be applied to the network to protect systems and
application vulnerabilities from exploitation.
• Leverage user-based controls to identify and block malicious command-and-control
traffic.
• In the event of an infection or data breach, control sensitive data exfiltration by ensuring every user, even infected users, can only access a small subset of the network.
• Leverage user-based reports and breach forensics for a complete, accurate analysis
of the breach to help with future policy implementation.
User-based access controls are steadily becoming an integral component of the network security infrastructure and threat prevention measures. However, it’s important
to understand that establishing and implementing a user-based security strategy and
policy is not a single team’s responsibility; it should be rooted in the business leadership
team’s position on cybercrime prevention. Given the recent spate of high-profile cybercrimes, security is now being discussed at the boardroom level. Leverage the heightened
security awareness to build a business case for user-based access policy with the leadership team, and work in tandem to create business policies to simplify and reinforce the
© 2016 Palo Alto Networks, Inc. Palo Alto Networks is a registered trademark of Palo Alto Networks. A list of our trademarks can be found at
http://www.paloaltonetworks.com/company/trademarks.html. All other marks mentioned herein may be trademarks of their respective companies.
INFO & INSIGHTS
i­mplementation. The leadership team’s support will be helpful during policy rollout and
when making necessary adjustments, such as denying access to certain websites or helping
ease the minds of less-than-patient users in the face of issues that need to be ironed out.
Beyond the organization’s leadership, user-based access policy requires coordination and buyin from several teams to ensure seamless adoption and execution. Here are a few examples of
who should be involved in the planning and implementation of user-based access policy:
IT Architects
The IT architects know the ins and outs of accessibility. They can offer insight regarding which users log in to the network from various office locations, and whether those
users require access to resources that may be safeguarded by next-generation firewalls
­(NGFWs) in other locations.
IT & Security Operations
When it’s time to roll out the new user-based access controls and policy, the IT &
Security Operations team will be critical to the execution, helping to troubleshoot any
issues associated with implementation. Make sure to provide the proper training so
that they are equipped to handle the higher-than-average volume of help desk tickets
and user accessibility inquiries.
IT Administrators
Administrators are vital in providing user identity information on which to frame
user-based access controls and policy around:
• Network Admins: As device owners, network admins can provide user identity
information from Wireless LAN controllers, NAC devices or VPN gateways.
• Directory Admins: Work with directory admins to gain valuable user identity
information from directory servers, such as Active Directory®.
• Enterprise Services Admins: To define user-based access requirements for
­enterprise services, like SAP, for example; security practitioners must team up
with enterprise service admins.
• Endpoint Admins: In addition to traditional VPN remote access and secure c­ onnectivity, coordination with endpoint admins is necessary to ensure
­user-based access controls extend to the mobile workforce.
Implementing user-based access policy, with the participation and buy-in of all appropriate
groups, will aid in meeting your organization’s goal to reduce individual user’s – and thereby
the entire network’s – risk of infection. To learn more about user-based access controls and
policy, check out the PAN-OS Administrator’s Guide on the Palo Alto Networks website.
© 2016 Palo Alto Networks, Inc. Palo Alto Networks is a registered trademark of Palo Alto Networks. A list of our trademarks can be found at
http://www.paloaltonetworks.com/company/trademarks.html. All other marks mentioned herein may be trademarks of their respective companies.
Related documents
Terms and Conditions
Terms and Conditions
best practices - Palo Alto Networks
best practices - Palo Alto Networks
Porcelanosa Warranty
Porcelanosa Warranty
Actors behind advanced threats - Med-IT
Actors behind advanced threats - Med-IT
Evolution and Development - Acceleration Studies Foundation
Evolution and Development - Acceleration Studies Foundation
Intelligent Narrative Technologies: Papers from the
Intelligent Narrative Technologies: Papers from the
A Microeconomic View of Data Mining
A Microeconomic View of Data Mining
Hymn Reading 101
Hymn Reading 101
View Score PDF
View Score PDF
TERMS AND CONDITIONS OF USE FOR WWW.ENDOLOGIX.COM
TERMS AND CONDITIONS OF USE FOR WWW.ENDOLOGIX.COM
The Romantic Period
The Romantic Period