Presentation is loading. Please wait.

Presentation is loading. Please wait.

What is on your Business Network

Published byBethanie Lisa Brown Modified over 6 years ago

Similar presentations

Presentation on theme: "What is on your Business Network"— Presentation transcript:

1 What is on your Business Network
How to secure your business with today’s Internet risks June 20, 2017 David Mandala

2 Who is David Mandala? I’ve worked in the Electronics and Computer Industries for 40+ years. I’ve been with 7 startups, the principal of 3 of them. Spent the last 10 years developing embedded computer operating systems or improving them. Ubuntu Linux for ARM System on Chip (SoC). Improving Linux for the ARM SoC’s with Linaro. Standardization of the 96Boards platform so that binaries run on any board without recompilation of source code. Started Secured by THEM LLC to specifically help small businesses secure their business computers and networks. Copyright Secured by THEM Slide

3 I’ve come to talk to you about office network security
Today the Internet is pervasive, nearly every business has an Internet connection. Weekly you see in the news new computer ransomware or leeching attacks (data loss). Target Chipotle & Pizzeria Locale The Buckle Inc. 450 stores hit between Oct. 28, 2016 and April 14, 2017 InterContinental Hotel Chain 1,175 properties on the list: Holiday Inn Express (781), Holiday Inn (176), Candlewood Suites (120), Staybridge Suites (54), Crowne Plaza (30), Hotel Indigo (11), Holiday Inn Resort (3) Other hotel chains: Kimpton Hotels, Trump Hotels (2x), Hilton, Mandarin Oriental, and White Lodging (2x). Card breaches also have hit hospitality chains Starwood Hotels and Hyatt. Laptops are more prevalent, a lot of small business owners are both working from home and from a small office.

4 I’ve come to talk to you about office network security
Today the Internet is pervasive, nearly every business has an Internet connection. Smart low cost Devices are widely available, they are connected to the Internet. They are called Internet of Things or IoT for short Billion were connected to the Internet at the end of 2016, 20.8 Billion expected by 2020. These devices can easily end up in your office providing points behind your firewall to attack your business computers and network from. If you use a home office, it is likely to be even riskier. More IoT devices, more friends connecting unknown devices to your network.

5 Some of the smart devices available
There are more more than 43 classes of IoT devices sold on Amazon alone: Smart Lightbulbs Smart Locks Smart Wall Plugs Smart Light Switches Smart Wall Touchscreen Smart Thermostat Smart Garage Door Opener Smart Blinds Smart Curtains Amazon Alexa Amazon Dot Smart Keyrings Smart Egg Minder Smart Blu-Ray Player Smart TV Smart Outdoor Switch/Plug Smart Trackers (keys, luggage, etc) Smart Speakers Smart Cameras (security) Smart Alarm Systems Smart Pet Feeder Smart Smoke Detector Smart Carbon Monoxide Detector Smart Air Quality Detector Smart Landscape Lighting Smart Home Controller Smart Doorbell Smart Pet Treat Feeder / Camera Smart Weather Station Smart Plant Watering Device Smart Garden Sensors Smart Picture Frames AeroGarden with WiFi Smart Plant Pots Smart Sprinkler Controller Smart Crock Pot Streaming Media Player Smart Coffee/Tea Pot WiFi Video Projector Smart Robot Vacuum Smart Range Smart Microwave Smart Dishwasher

6 How can we tell what is on a network
To protect a network we need to know what is on the network, how do we do that? Use NMAP to do scans of the network A fast lightweight ping scan can be done in seconds, but does not tell us much about devices attached to the network. So use to identify hosts that need deeper scanning. We log the results to the cloud. A deeper OS fingerprinting scan is run based on the ping scan. We get info on what OS the device runs. This is also logged to the cloud. A deeper full port scan is run on discovered devices. This is also logged to the cloud. We build a map of the machines on the network, the ports they use over time. This becomes the baseline of the network.

7 How can we tell what is on a network
Once we build a map of the machines on the network, and the ports they use over time. Compare this to a manual inventory of the network, they never match. Have to locate the extra hardware and determine what is actually needed. We run continuous scanning of the network. All sent to the cloud. We compare the current scan to the baseline scan, We do not alert if machines are missing, it’s a normal condition. Machines come and go all the time. If extra machines are found alarms are sent. Most alarms are false, business added more machines, forgot to call. If new ports on an existing machine are opened we alert. Usually caused by software upgrade or new software added to the machine.

8 How can we tell what is on a network
Also use NMAP to do scans of the firewall from the outside. If the company has a stateful firewall sometimes sets off alarms. Can spot misconfigured firewalls sometimes. Do a manual review of the firewall, make sure security holes are turned off. Shocking how many firewalls have UPnP turned on by default. This is a mistake. What are the problems with UPnP? Programming Errors – there are oversights in the actual code for UPnP implementations that can be exploited by malicious users, allowing them to execute harmful code through injection. Unintended Exposure – the purpose of UPnP is to make devices on a network easily discoverable by other devices on that network. Unfortunately some UPnP control interfaces can be exposed to the public Internet, allowing malicious users to find and gain access to your private devices. If a malicious device gets installed behind your firewall it can open holes in your fireall.

9 How can we tell what is trying to access the network
We make use of managed switches to setup a monitor port on the firewall Allows use of Snort to see attacks on machines that access the internet. Using Open Source rulesets, could use commercial rulesets if desired. If Snort alerts we send alarms specific to the machine that was attacked. Allows logging of every data packet that traverses the firewall. Packets are stripped of the data load and IP and port info is logged for 90 days Outside IP addresses are matched against a GEO-IP database to determine who/what each data packet connects to. Daily traffic reports are generated. Particularly useful if Snort warned that a machine was attacked but attack was thought to be unsuccessful. Can watch the traffic for a few days just to make sure nothing unusual is happening. Can also see if large amounts of data are going to “odd” places.

10 What easy steps can I take to secure my network
For wired devices use managed switches to setup vlans (virtual lans) to isolate classes of devices from other devices. Flat networks are old school, with the advent of low cost managed switches even small businesses can afford to have a layered network. Put wired IoT devices on their own vlan, if you have enough IoT devices out classes of devices in vlans (they are cheap to create). Put all of your “Smart” IoT WiFi devices on their own “guest” network. By doing that they don’t share your office network and they can’t reach anything in your office.

11 What easy steps can I take to secure my network
If you provide WiFi access for your customers when they visit your office, have a private “guest” network for them, separate from your primary network and separate your “IoT” network. Remember their computers could be compromised and have viruses or already be cracked by criminals. Make sure all of your guest networks have strong password protection. If you don’t need WiFi for your office network, don’t set it up, the safest network requires physical access, if the only way to access your network is via wire it’s more secure. Remember WiFi goes through walls and ceilings, someone could be in the parking lot or in a multistory building above or below you trying to access your network.

12 What easy steps can I take to secure my network
Where possible you can greatly add to your data security by: Encrypting the entire hard drive. Adding 2 factor authentication (2FA) Turn off devices when not in use. You can use 2FA with many social sites, if they offer it, use it. Some mobile phones offer 2FA making use of the fingerprint scanner some mobile phones have built in. Better than nothing but not a great idea, you leave copies of your fingerprints EVERYWHERE! They can be copied and used against you.

13 What easy steps can I take to secure my network
Backup your data daily. This should be part of your daily process, do work, backup work. If you don’t you have no one to blame except yourself if you lose data in a ransomware attack. Finally most importantly use STRONG PASSWORDS on all of your computer systems. Use password manager software if you can’t remember long passwords, then protect the password manager software with a long passphrase, characters long. LastPass 4.0 RoboForm 8 Everywhere And don’t write down passwords EVER.

14 If I do everything you suggested will I be secure?
You’ll be more secure than if you don’t, but the truth is this only scratches the surface. There is no such thing as a completely secure device, only levels of security. Security is like an onion, the more layers you have the more secure you are. Criminals can still crack your firewall, or infiltrate via attachment. Everyone’s network is different, I can’t address exact issues in a general talk. Feel free to reach out and talk with me. (info at them dot com)

15 Questions?

16 Reference Links Password Vault: Whole disk encryption: Comparsion of veracrypt and bitlocker: Secured by THEM or or (469)

17 Thank you for your time. Who’s on your Network? June 20, 2017
David Mandala Who’s on your Network?

Download ppt "What is on your Business Network"

Similar presentations

Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Backing Up Your Computer Hard Drive Lou Koch June 27, 2006.

Backing Up Your Computer Hard Drive Lou Koch June 27, 2006.
Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?

Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
Chapter 1 - Introduction to Computers and the Internet Basic functions of a Computer Input – entering info into the computer (e.g. keyboard, mouse, mic,

Chapter 1 - Introduction to Computers and the Internet Basic functions of a Computer Input – entering info into the computer (e.g. keyboard, mouse, mic,
Exam ● On May 15, at 10:30am in this room ● Two hour exam ● Open Notes ● Will mostly cover material since Exam 2 ● No, You may not take it early.

Exam ● On May 15, at 10:30am in this room ● Two hour exam ● Open Notes ● Will mostly cover material since Exam 2 ● No, You may not take it early.
Part of the BRE Trust Protecting People, Property and the Planet Smart Buildings and Security: Developing a unified approach Will Lloyd BRE Global Limited,

Part of the BRE Trust Protecting People, Property and the Planet Smart Buildings and Security: Developing a unified approach Will Lloyd BRE Global Limited,
© 2004 Control 4 August 4, 2015 Control4 Get the most out of your home.

© 2004 Control 4 August 4, 2015 Control4 Get the most out of your home.
Ch 20 Q and A IS333, Spring 2015 Victor Norman. Universal Service Means every computer can talk “directly” with every other one. A message is not addressed.

Ch 20 Q and A IS333, Spring 2015 Victor Norman. Universal Service Means every computer can talk “directly” with every other one. A message is not addressed.
Computer Networks IGCSE ICT Section 4.

Computer Networks IGCSE ICT Section 4.
Do you know how to keep yourself safe?

Do you know how to keep yourself safe?
Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau (20086034) Lee Shirly (20095815) Ong Ivy (20095040)

Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy ( )
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module E Network Basics.

McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module E Network Basics.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. Emails. Safe browsing for shopping and online banks. Social media.

CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.

CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Networks and Hackers Copyright © Texas Education Agency, 2013. All rights reserved. 1.

Networks and Hackers Copyright © Texas Education Agency, All rights reserved. 1.
The essentials components of the computer.  The case: the box that holds lots of parts in a computer.  The motherboard: holds and connects all the important.

The essentials components of the computer.  The case: the box that holds lots of parts in a computer.  The motherboard: holds and connects all the important.
Networking Two or more computers linked together so that it is capable of sending messages between them. Network Stand Alone Computer.

Networking Two or more computers linked together so that it is capable of sending messages between them. Network Stand Alone Computer.
Definitions What is a network? A series of interconnected computers, linked together either via cabling or wirelessly. Often linked via a central server.

Definitions What is a network? A series of interconnected computers, linked together either via cabling or wirelessly. Often linked via a central server.

Similar presentations

Ads by Google