//
you're reading...
IT & TECHNOLOGY, Palo Alto Networks

There’s No “I” in Secure Network: User-Based Access Policy is a Team Effort


PANW-New-Logo-3

Today’s cyber attackers have proven themselves far more capable and committed, stopping at nothing to access the pools of valuable data that uphold the integrity and reliability of your business. To maintain a strong security posture and prevent cyber breaches, leverage User-ID™, user-based access controls, on your next-generation firewall (NGFW) to safely enable the applications and technologies required to drive your business forward. User-ID significantly improves network visibility by mapping network traffic to specific users, rather than IP address, and offer several features to protect your network and help block potential threats at every stage of the typical attack lifecycle.

  • Access controls can be applied to ensure that only valid, approved users can access necessary assets and data. Note, however, that legitimate users are not threat free. Threat prevention should also be applied to the network to protect systems and application vulnerabilities from exploitation.
  • Leverage User-ID controls to identify and block malicious command and control traffic.
  • In the event of an infection or data breach, control sensitive data exfiltration by ensuring every user, even infected users, can only access a small subset of the network.
  • Leverage user-based reports and breach forensics for a complete, accurate analysis of the breach to help with future policy implementation.

User-based access controls are steadily becoming in integral component of the network security infrastructure and threat prevention measures. However, it’s important to understand that establishing and implementing a user-based security strategy and policy is not a single team’s responsibility, and should be rooted in the business leadership team’s position on cybercrime prevention. Given the recent spate of high-profile cybercrimes, security is now being discussed at the boardroom level. Leverage the heightened security awareness to build a business case for user-based access policy with the leadership team, and work in tandem to create business policies to simplify and reinforce the implementation. The leadership team’s support will be helpful during policy roll out, and when making necessary adjustments, such as denying access to certain websites, or to help ease the minds of less-than-patient users in the face of issues that need to be ironed out.

Beyond the organization’s leadership, User-ID access policy requires coordination and buy-in from several teams to ensure a seamless adoption and execution. Here are a few examples of who should be involved in the planning and implementation of user-based access policy:

IT Architects

The IT architects know the ins and outs of accessibility. They can offer insight regarding which users log in to the network from various office locations, and whether those users require access to resources that may be safeguarded by NGFWs in other locations.

IT & Security Operations

When it’s time to roll out the new user-based access controls and policy created with User-ID, the IT & Security Operations team will be critical to the execution, helping to troubleshoot any issues associated with implementation. Make sure to provide the proper training so that they are equipped to handle the higher-than-average volume of help desk tickets and user accessibility inquiries.

IT Administrators

Administrators are vital in providing user identity information on which to frame user-based access controls and policy around:

  • Network Admins: As device owners, network admins can provide user identity information from Wireless LAN controllers, NAC devices or VPN gateways
  • Directory Admins: Work with directory admins to gain valuable user identity information from directory servers, such as Active Directory
  • Enterprise Services Admins: To define user-based access requirements for enterprise services, like SAP for example, security practitioners must team up with enterprise service admins
  • Endpoint Admins: In addition to traditional VPN remote access and secure connectivity, coordination with endpoint admins is necessary to ensure user-based access controls extend to the mobile workforce

Implementing User-ID access policy on your Palo Alto Networks NGFW, with the participation and buy-in of all appropriate groups, will aide in meeting your organization’s goal to reduce individual users’, and the entire networks’, risk of infection.

To learn more about the benefits of leveraging User-ID, user-based access controls, on your Palo Alto Networks NGFW:

[Palo Alto Networks Research Center]

About @PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Web Stats

  • 115,124 hits
@PhilipHungCao

@PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Personal Links

View Full Profile →

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 2,068 other followers

Twitter Updates

Archives

January 2017
M T W T F S S
« Dec   Feb »
 1
2345678
9101112131415
16171819202122
23242526272829
3031  
%d bloggers like this: