Monday, April 9, 2012

Ensure good configuration health before it's too late

Username: admin, Password: password - weak configuration could result in big issues.
Don't let this be your configuration!
Hackers broke into a server for the State of Utah Health Department recently in what has been described as a "configuration error" or an "installed password that wasn't as secure as needed."

The breach resulted in over 182,000 Medicaid and Children's Health Insurance Program members having their personal information stolen, with about 25,000 Social Security numbers being compromised. Those affected will be notified of the information theft.

Configuration errors are often thought of in terms of downtime, with well known stats from folks like Gartner, calculating 80% of all downtime is caused by human-induced configuration errors and average hourly costs for business of $42,000. Amazon's hourly cost of a website outage was independently calculated at $350,000!

But how much more expensive is a security breach than downtime? Potentially much, much more expensive. The Congressional Research Service concluded in 2004, that companies' stock prices dropped between 1%-5% in the days following the announcement of data loss. For the average NYSE corporation, that's shareholder loss of $50M - $200M (remember we're talking 2004 dollars).

How Uplogix Can Help
Uplogix ensures that only the right users have the right access to devices and systems by providing very granular and customizable administrative access. Here are a few ways Local Management can help you ensure good configuration health:
  • Maintain and enforce AAA (Authentication, Authorization and Accounting), regardless of the state of the network. Under normal circumstances, Uplogix Local Managers integrate with remote authentication mechanisms, such as TACACS and Radius, but if connectivity is lost, the LM can failover to other AAA servers before falling back on cached authentication data to maintain authorized access.
  • Use multifactor authentication through integration with RSA SecureID and Secure Computing Safeword
  • Prevent unauthorized user access by automatically closing idle sessions, eliminating a potential security gap. Uplogix also ensures that the right users have the right access by enforcing granular, role-based permissions
  • Enable audit and compliance reporting by constantly logging all changes made to managed devices and the results of these changes
  • Eliminate modem security issues with CallHome™ connectivity. Uplogix appliances always “dial-out,” never allowing in-bound dial-up requests, to restore connectivity when the primary network connection goes down, closing common security holes.
  • Improve overall security by restricting access to specific IP addresses and encrypting passwords stored in the database, and by automating management functions related to security enforcement, like updating the access passwords on hundreds of managed devices at once.
Local Management also has important capabilities for audit and compliance reporting to validate and demonstrate that you are meeting both internal and public standards. Uplogix not only audits all changes made to the managed infrastructure, but also inspects audit logs in real-time for problems and can proactively take rules-based automated corrective actions based on log patterns.

So, the next time you are evaluating the cost of downtime in your organization and trying to minimize the opportunities for configuration errors, keep in mind that you are only looking at the cheaper side of the configuration risk equation and give Local Management some thought. You probably can't afford not to.