Here’s something to consider if you are running a mixed environment with systems on your network from a variety of manufacturers. You may think you’re “a Windows shop” but unless Microsoft started making printers and switches, and you managed to talk the security guy out of his Linux box and the marketing wizard out of her Mac, then there are all kinds of things running on your network that never came out of Redmond. To keep yourself, your data, and your systems protected, you need to run vulnerability scanning software. In a mixed environment such as yours, here are nine things you need to know about doing this.
1. There’s more on your network than just Windows
Take inventory of all the different things on your network, and look for a vulnerability scanner that can address most if not all of them. You have workstations, servers, routers, switches, firewalls, VPN concentrators, printers, tablets, and phones all connecting to your network. And you probably have multiple vendors represented in each of those. Make a list, and find the app that has the best coverage for your needs.
2. BYOD doesn’t have to be the enemy
People fear BYOD because they think the devices are beyond their control, but a good vulnerability scanner can scan personally owned tablets just as it can scan domain-joined servers.
3. Phones need patching too
Everyone has a phone, and most connect that phone to your email system. Use a vulnerability scanner to analyze those phones to make sure they don’t introduce a way into your data.
4. Don’t forget the network gear
Cisco gear and all the rest run operating systems too. They’re called firmware but they have bugs and vulnerabilities just like any desktop or server. You want a vulnerability scanning application that can assess the core pieces of your network infrastructure.
5. Virtual machines can still have real threats
Physical or virtual shouldn’t matter; you want a vulnerability scanner that can both run on a VM and scan VMs for issues. Make sure your vulnerability assessment application is fully compatible with your VM platform(s) so they don’t get left out.
6. It can be hard to keep up. You need help.
Vulnerability scanners need to be kept up to date on newly discovered vulnerabilities. Select a vulnerability scanner that can update itself, and look for one that can keep you up to date too, with reports that tell you what is new and what it has found on your network.
7. It’s part of the complete package
Vulnerabilities are not just addressed by scanning. Patch management, antivirus software, VPN clients, and encryption all help to protect against threats. Select a vulnerability scanner that can work with your other layers of defense, so that you cover every possible threat vector and can use the scanner to get a full view of your systems.
8. Unlicensed software is a threat
With unlicensed software you are not only at risk of fines, but also not benefiting from the latest updates. If it’s unlicensed, you didn’t install it, don’t know it’s out there on your systems, and so you aren’t tracking it for patches and updates. Use your vulnerability scanner to assess installed software so you can stay in compliance with licensing and know what to watch out for in vendor announcements.
9. Compliance is good
Not just licensing compliance, but PCI DSS compliance as well. Vulnerability scanning can play a key role in meeting the requirements of PCI DSS, as well as other key regulations like HIPAA and SOX. Making sure your vulnerability scanner can assess the different systems on your network helps ensure there are no gaps in your compliance plan.
With so many different systems and devices on your network from so many different vendors, having a vulnerability scanner that can cover them all is the best way to make sure nothing slips through the cracks. Choose a vulnerability scanner that can handle your heterogeneous network and all the devices that you, and your users, connect to your systems.
This blog post was written by Peter Williams on behalf of GFI Software.