Even if you have so-called Remote Monitoring and Management (RMM) agents running on your network, that doesn’t guarantee that you’re getting visibility into all of the most important security and configuration items that need to be regularly checked.
I remember a case of a Texas man who illegally accessed his former employer’s computer database and deleting some important files. The Andrews, Texas man had been an employee of a services provider to the domestic natural gas and oil exploration and production industry. The man admitted to gaining illegal access to his former employer’s computer system and deleted approximately 68 files, including analysis reports on oil and natural gas wells in Odessa, Levelland, Denver City and Andrews.
This kind of stuff happens all the time. Sometimes the illicit activity is caught after-the-fact, when the damage is already done. More often than not, the business owners are taken completely by surprise. They assume that their networks are safe because they have software agents running on their network, because they have a firewall set up, and they’re running the latest virus protection and malware filtering programs.
But there are a lot of vulnerabilities that simply elude standard network monitoring and firewall security. Here are my top 8 network attributes that are most likely to fall under the radar of standard network monitoring systems:
- Domain, network, system and application discovery
- User password strength and risks
- Permission and user rights
- Devices plugged in that are unidentified
- Existing issues on individual computer systems not being monitored
- Discovery of SQL servers, Exchange servers, web servers, printers and more
- Installed application inventory
I compiled this list after running a very simple and inexpensive scan on a wide range of networks that were supposed to be safe and secure. And, sure enough, almost every time I run one of these assessments, the scanning software finds something (unpleasantly) surprising.
The good news is that you can discover any of the issues associated with the 8 network attributes I mentioned without spending a lot of money, taking down your network, installing a bunch of software, or disrupting your business in any way.
A simple scanning tool that runs on your domain controller does all the work, and usually in 10-20 minutes. It will pull in a mountain of valuable data that a quality network technician can evaluate, tell you what was uncovered, and recommend appropriate remediation.
Any other quick and inexpensive network discovery suggestions? If so, please share the tool you use and what you can uncover.