Oman government agencies offered 5 tips to fight hackers
MUSCAT: To fight state-sponsored cyber attacks, government enterprises in Oman should deploy intrusion prevention systems and data loss prevention tools to block attacks, in addition to patching vulnerabilities and implementing multi-factor authentication, says a security expert.
Kasey Cross, senior product marketing manager at A10 Networks, lists five different ways government agencies in the Sultanate can keep cyber criminals at bay.
State-sponsored hackers can hide attacks in encrypted secure sockets layer (SSL) traffic to evade detection. As a result, network security solutions, such as next-gen firewalls and intrusion prevention systems, need to be able to inspect all incoming and outgoing traffic for threats — not just the data that is sent in plain text, he said. To ensure state-sponsored hackers do not bypass your security controls, decrypt and examine all traffic, he added.
Five features for IT teams to consider when selecting an SSL inspection platform include:
SSL performance: In addition to assessing current Internet bandwidth requirements, IT also must factor in SSL traffic growth and ensure the inspection platform can handle future SSL throughput requirements.
Compliance: To address regulatory requirements like Health Insurance Portability and Accountability Act, Federal Information Security Management Act and Sarbanes-Oxley, an SSL inspection platform should be able to bypass sensitive traffic, like traffic to banking and healthcare sites.
Heterogenous networks: IT should look for SSL inspection platforms that can decrypt outbound traffic to the Internet and inbound traffic to corporate servers with multiple, flexible deployment options. Additionally, the platforms should intelligently route traffic with traffic steering, granularly parse and control traffic based on custom-defined policies and integrate with a variety of security solutions from leading vendors.
Security infrastructure: SSL inspection platforms should not just offload SSL processing from security devices but also maximise the uptime and performance of those devices. It’s important the platforms can scale security deployments with load balancing, avoid network downtime by detecting and routing around failed security devices and support advanced health monitoring to rapidly identify network or application errors.
SSL certificates and keys: To ensure certificates are stored and administered securely, IT should look for SSL inspection platforms that provide device-level controls to protect SSL keys and certificates, integrate with third-party SSL certificate management solutions and support FIPS 140-2 Level 2 and Level 3 certified equipment and Hardware Security Modules.
Fortify web applications
Web application data is an attractive target for state-sponsored hackers. Attackers have been known to exploit application vulnerabilities to gain access to Web servers or steal records from databases. One way agencies can protect against this is with a certified Web application firewall (WAF), which filters all application access by inspecting both the traffic toward the application and the response traffic from the application.
Assume that any communications over public networks can and will be intercepted. Therefore, agencies of all sizes should implement IPsec Virtual Private Networks (VPNs) to prevent snooping and data theft.