Remote Infrastructure Monitoring
Remote infrastructure monitoring is a critical task for managed service providers (MSPs). In fact, it informs nearly every step of the information security process.
According to security experts at the SANS Institute, the overarching goal of information security is to:
- Identify critical network assets
- Locate these network assets
- Build protections around these assets while still preserving functionality
Remote Infrastructure Management for High-Priority Data
That’s information security in a nutshell. Yet it’s clear from this framework that information itself is crucial.
The SANS experts argue that poor infrastructural monitoring leads to subpar security. Many organizations lack deep knowledge about their critical assets, the authors note. And because of this, they respond with “uniform protection.” In this approach, every system across a network is understood to be equally important — and thus must be monitored with equal vigilance for any indications of malicious activity.
This is clearly a problem. When all systems are treated the same, costs will rise. To increase security monitoring, IT pros have to dramatically scale up. Additionally, a uniform protection approach doesn’t only require increased technology. With increased security monitoring, more staff are required to analyze the mountains of collected data.
For MSPs, remote infrastructure monitoring is important because it lays the bedrock of informed decision-making. Resources are inherently limited. The highest-priority data should be given the highest-priority security.
So, what are some of this high-priority data?
You can start with sensitive personally identifiable information. According to the U.S. Department of Labor, personally identifiable information, or PII, allows the identity of an individual to be revealed through direct or indirect means. Some PII may not be sensitive, such as publicly available information that can be gathered online or in phone books.
Sensitive PII, on the other hand, represents a major risk. This information includes bank records, credit card information, biometric information and health records, along with other information that could potentially harm an individual if revealed.
It was sensitive PII — about 70 million credit and debit card records — that was breached in 2013 when hackers penetrated the networks of retail giant Target. But this breach was entirely preventable had IT professionals properly identified the location of this sensitive data and taken the right steps to safeguard it. Target’s mistake is an object lesson for MSPs and a reminder why remote infrastructure monitoring is so crucial.
Casualties of Human Error
Sensitive PII isn’t the only kind of high-priority asset. Companies’ networks house countless pieces of valuable data, such as detailed acquisition plans and protected trade information.
And while MSPs are right to concern themselves with hackers, data breaches can happen for other, non-malicious reasons. One major source, according to experts at Sophos, is human error.
They note that carelessness, coupled with poor security policies, can lead to potentially major data breaches. An employee may accidentally attach the wrong file to an email. That’s the source of a breach. Or another employee may accidentally download sensitive data to a home computer. Again, another possible breach.
It doesn’t appear earth-shattering on its surface, but such activity can have severe consequences for an organization. And it points again to the need for remote infrastructure monitoring.
By identifying sensitive data, MSPs and other IT professionals can take the necessary steps to safeguard it — against hackers and employees’ carelessness alike. For many, it’s a tough task to isolate vulnerable data.
But it doesn’t have to be.
That’s especially true with MAX Risk Intelligence from SolarWinds MSP (formerly LOGICnow).
With MAX Risk Intelligence, you can pinpoint vulnerabilities across your network, from PII to inappropriate access permissions. Armed with this information, MSPs can move on to create the best, most bulletproof layered security for their networks.
How MAX Risk Intelligence Works
MAX Risk Intelligence is comprehensive, and it provides concrete financial benefits for organizations.
With our deep scans, you can sweep across your networks and all of your devices to:
- Discover personal information. MAX Risk Intelligence scans across your networks to find email addresses, home addresses, license plate numbers and much more.
- Root out financial data. Find ACH data, bank account information and credit card numbers from a variety of credit-card companies.
- Locate data in different states. Uncover vulnerable data whether it’s in transit or at rest.
But these scans aren’t limited to PII. MAX Risk Intelligence also allows you to secure protected health information. Here, our scans give you the power to:
- Locate protected health information. Find a variety of PHI that’s spread across your networks, such as insurance numbers, photos of patients, medical charts and procedure codes.
- Customize your checks. You can utilize our provided scans or build scans around your clients’ specific needs.
- Perform audit controls. Remain in HIPAA compliance with ePHI authentication and integrity controls, among other measures.
Find Out Who Has Access to What
Many data breaches aren’t caused by malice. Human error is often at fault.
The issue often comes down to inappropriate permissions. Certain users don’t need access to sensitive data. Additionally, some users inappropriately retain their access permissions even after switching roles. You can imagine the problems if an HR manager transitioned into sales but still had access to bank records.
MAX Risk Intelligence sheds light on these permissions issues. With permissions discovery, MAX Risk Intelligence digs through your network to uncover:
- Inappropriate permissions. Discover mismatches in data permissions, using rich scans of sensitive data.
- Multiple file types. Scans cover a broad array of file types, including text files, spreadsheets, emails and more.
- Specific permissions issues. You can locate access permissions by focusing on read, write and other permissions.
These scans protect you against several nightmare scenarios including:
- Unsecured payment data that had been collected by sales teams.
- Protected health information stored in HR files.
- Customer lists that have been poached by former employees.
- Trade secrets and other pieces of intellectual property that have been put at risk.
Locate Your Greatest Weaknesses
Finding unsecured data is a crucial step, as MSPs work to build the strongest possible layered security. But networks face a host of other risks, from malware to phishing emails.
With our remote infrastructure monitoring, MAX Risk Intelligence reveals your networks’ vulnerabilities to a number of cyber attacks. Our powerful vulnerability scans include:
- Host-based scans. Run host-based scans across devices on your networks. Scans avoid the struggles with device-by-device permission issues.
- A light footprint. Host-based scanning runs locally, which preserves network resources and mitigates drains.
- CVSS scans. Max RI utilizes the Common Vulnerability Scoring System database, which reveals the latest threats. Our platform syncs every evening with the database, so your vulnerability scans remain up to date.
- Support across devices. Scans uncover vulnerabilities on networks, servers, workstations and mobile devices.
Our deep scans uncover a number of other network vulnerabilities, such as:
- Software that needs to be patched. This protects your networks from attacks on Flash, Java and Adobe, common targets of attack.
- Outlook and other email files.
- Malware threats across Windows, Mac OS X and Linux.
- Risks with VPN connections.
Name the Price
Organizational decision-makers respond well to the numbers. That can be especially true with IT.
Decision-makers often must be convinced that IT offers bottom-line benefits and that service benefits outweigh the costs. For some MSPs, that can be a challenge.
But not so for those using MAX Risk Intelligence.
Our reporting platform quantifies your clients’ vulnerabilities and places an exact dollar figure on their risks. This helps to generate buy-in from organizational leaders and allows you to demonstrate the tangible benefits of your services.
With MAX Risk Intelligence, you can run deep scans of your clients’ networks and come armed with:
- Cardholder data. Max RI uncovers credit card data across your networks and offers an exact cost your clients would face from a breach.
- Quantified PII risks. After scanning your networks, Max RI offers a specific financial cost from a potential breach of PII.
- Trend reports. Track your networks’ shifting risks so you can demonstrate the concrete improvements from your services.
- Customizable reports. You can brand your reports with custom logos and download reports in multiple file formats.
Try MAX Risk Intelligence Today
Remote infrastructure monitoring is clearly a must-have for MSPs and other remote IT professionals. It’s the foundation of a layered security approach and a major benefit in conversations with decision-makers.
If Max RI sounds like a good fit for your networks, you can choose intelligence with a no-hassle, 30-day trial.
About SolarWinds MSP
SolarWinds MSP delivers the only 100% SaaS, fully cloud-based IT service management (ITSM) platform, backed by collective intelligence and the highest levels of layered security. SolarWinds MSP's MAX products including Risk Intelligence, Remote Management, Backup & Disaster Recovery, Mail and Service Desk – comprise the market’s most widely trusted integrated solution.
Deployed on millions of endpoints across hundreds of thousands of networks, the platform has the industry vision to define and deliver the future of the market. SolarWinds MSP provides the most comprehensive IT security available as well as LOGICcards, the first ever IT notification feature powered by prescriptive analytics and machine learning.
SolarWinds MSP's passion is helping IT professionals secure and manage their systems and data through actionable insights, rewriting the rules of IT.
For more information, visit www.logicnow.com.
SANS Institute: https://www.sans.org/reading-room/whitepapers/bestprac/infrastructure-security-architecture-effective-security-monitoring-36512
U.S. Department of Labor: https://www.dol.gov/general/ppii
Computer World: http://www.computerworld.com/article/2487425/cybercrime-hacking/target-breach-happened-because-of-a-basic-network-segmentation-error.html