Wednesday, February 12, 2014

Assume that you are a Target

There has been a buzz in the Uplogix office about the much-publicized Target credit card information breach. No, not just because many of us are now carrying shiny new credit cards proactively replaced by our banks due to our vulnerability as frequent Targ├ęt (say it Tar-zhay) shoppers, but because initial reports indicated that the breach relied on access hacked from an HVAC vendor.

More recent information indicates it was an email phishing scam of some sort that probably found a small company (the HVAC contractor), that happened to have logins to an online partner portal of a big fish—Target (the 2nd largest discount retailer in the US after Walmart). The investigation is still ongoing, so factual information is hard to come by, but one thing is clear—when it comes to the chains of security, especially in the world governed by the PCI standards, it's only as secure as the weakest user. And often that user is external.

From its position in the rack of network gear, an Uplogix Local Manager has some unique capabilities when it come to allowing access to devices from internal and external users. Uplogix ensures that only the right users have the right access to devices and systems by providing very granular and customizable administrative access. By authenticating to systems through Uplogix, user access can be limited to specific devices, IP addresses, or even specific commands available to them.

Then there is the monitoring. By leveraging the Local Manager’s dedicated serial connection with managed devices and servers, Uplogix logs all changes made by users and the results of these changes. This information is saved locally and then transmitted to a central location for analysis and long-term storage. Logging, recording and reporting are unaffected by the state of the network—Uplogix continues to satisfy compliance requirements even during downtime. This is unlike network-based tools that fail to capture changes during a network outage.

Automated actions ensure that policies are enforced at all times. For example, Uplogix can prevent unauthorized user access by automatically closing idle sessions. This eliminates a potential security gap. Functionality like being able to update access passwords on multiple managed devices all at once gives IT additional tools in their fight against attackers.

Keep your eyes and ears open, there is surely more to come out on the breach that struck Target, Neiman-Marcus, and what sounds like other retailers involved that are not yet named. And if you are running a network, take a look at Uplogix. There's a good chance that we might plug a security hole you have, maybe don't even know about yet, or one that your weakest vendor might bring.