
7 Ways to Protect Your IT Environment This Earth Day

Community Manager

Earth Day is right around the corner—on April 22, people from all around the world will come together to demonstrate support for environmental protection. From global cleanups and reforestation, to local recycling programs, environmental protection is a cause everyone can support!

As tech pros, you know all too well that Earth isn’t the only environment that needs to be protected. Every aspect of your distributed, cloudy, complex IT environments requires protection from the threats that keep you (and your fellow techies) up at night. Security threats lurk beneath the surface and cybercriminals keep finding new ways to compromise the tech environments you hold so dear. Protecting these environments is truly something to be celebrated.

Last year, you shared your favorite tips and tricks for minimizing your data center footprint, and this year we want to know how you defend your environment against threats. In honor of Earth Day, let us know how you “protect” your IT environment (below!).

9 Comments
Level 14

I keep pushing for electronic delivery of reports. (50/50 success)

We have a recycling company take our old equipment (after we take out memory and drive and have them securely shredded on site).

We have recycling dumpsters for cardboard...

We are working at it!

We use Cyren to scan web-based threats before things ever get to the network, we have a Velo SDwan protected gateway, we use Cylance as our desktop engine. We have mandatory user training to help identify threats and provide awareness. We limit access to machines. We have a detailed procedure for gaining access to files, email, etc. Of course we use SolarWinds products where applicable like LEM. We also use a multiple tier backup strategy. We use Commvault for our primary backups, with off site replication to a different location, and replication to Rackspace. We also then use Nakivo for VM snapshot backups to different hardware as added redundancy, all of those are stored locally. We test our restores periodically, and also review security and security best practices often. Lastly we document. This isn't the last step, just the last thing I am going to mention.

Perhaps first and foremost we don't advertise what we have or how we protect it.  Yes, I know, that's the old inefficient "security through obscurity", which is no defense against an interested intruder.  It merely limits ignorant intruders, not ones who are determined.  Still, I'll take it.

A few of the many other things we do include:

  • Develop appropriate policies for employees, vendors, business partners, customers, etc.
  • Train employees about those policies.  Then retrain them.
  • Test employees with phony phishing threats, with e-mails that have inappropriate test attachments, then train them more to recognize attempts to phish and hack and steal their account information, and show them how to defend their credentials and our data.
  • Train and test again.
  • Train and test again with harder, more realistic tests.
  • Use our Legal department to create appropriate terminology for use in Business Partner Agreements, and require partners sign the agreements, to protect both parties.
  • Restrict access based on role and need.  This can involve providing an IT administrator with a PC that may have several IP addresses and three or more different accounts, each with differing access rights, and require them to log in and out of each account as tasks are addressed that require temporary elevated rights or lower rights.  This can be perceived as an effective method of reducing employee efficiency and slowing down productivity, but training helps people understand why it's necessary.
  • Disabling USB drives
  • Forcing any switchport access to be allowed only via NAC
  • Requiring certain systems to have an air gap between physical networks instead of merely a virtual gap (e.g.: VLANs might be designed to allow public and private networks to use the same equipment and same ports, with tags being the only thing keeping public access users from private corporate resources.  Creating a physical air gap between systems is Layer One security, and you can't defeat it with a simple flood to overload the resources of a switch or router.)
  • Use NCM to report changes to configurations.  I review these daily and question changes I don't recognize having been submitted and approved by our Change Administration Board.
  • Use multiple SIEMs to analyze traps and logs to determine what's happened, who did it, when, where was it, etc.  These tools are sophisticated enough to alert us when behavior matches suspicious profiles or even unknown profiles.
  • Document, document, document, review, revise, retire, refresh documentation.
  • Require staff to use approved password safes instead of keeping a local list of passwords online or on a Post-it on their monitor, or taped under their keyboard, or in the top left drawer of their desk, etc.
  • Enforce hard passwords be used by all staff and systems
  • Use biometrics and man traps for physical access into restricted areas (e.g.: data center space)
  • Hire White Hats to attempt to gain physical and logical access, and then report their progress.  They use:
    • Social engineering
    • Tail-gating to get into buildings that are badge-protected
    • Physical tricks
    • Logical tricks
    • Provided internal physical access and allowed to roam the business to see how long before they are questioned and escorted out
    • "Infected" test USB sticks / thumb drives to perform "salting" of cube farms, break areas, parking lots and sidewalks, etc. to see if anyone will pick one up and put it into their computer.  If an employee does this, the computer info and employee account is recorded and sent to the White Hat's monitoring service, and eventually is included in their report about access achieved.
    • External attacks on all company-owned public IP addresses
  • Probe our own internal environments with tools like Nexpose and Rapid 7 and Nessus and others to continually and repeatedly attempt to access every IP address in the internal network and discover its credentials and open ports and vulnerabilities.

The list goes on and on, and continually changes based on what vendors offer, what security companies and the government report and recommend, what we learn privately and in training courses, and everything evolves.

Level 9

We are reducing our on-premise infrastructure and just trying to use what is only needed. Saves both carbon footprint and capital expenses for us.

Level 11

Cloud migration with active promotion to eliminate all printed material.

MVP

I'm big on documentation and working as a consultant working with an Engineering Firm. Currently they have me stationed at a state agency and I've been really pushing for more documentation. I've been instrumental in implementing several forms and a lot of Visio diagrams. One of the people that I'm training is doing a lot of "tutorials" to help him remember how to do things.

This is helping the environment by bringing more sanity to the workplace.

Level 11

We move tasks and services to the cloud to take advantage of hardened infrastructure.

Level 7

Each year, we make all of the staff take an IT Security Webinar. Each webinar is between 2-7 minutes. After each webinar, there are questions and they must be completed before moving on to more webinars. There are somewhere between 20-25 webinars that an individual has to pass. The webinar covers ways a hacker can get into your environment, why choose a strong password, report activities to IT, Phishing Schemes, Encrypted Links (HTTPS), Access Public Wi-Fi, etc. The topics vary from year-to-year, but the main point is to have people become more aware. We can spend a lot of money with the best products to protect, but the easy target is the people.

MVP

The company that I'm currently consulting for needs some updating in this area - it's a government agency. There is a lot of old, retired equipment that needs to be pulled out of locations. One of the engineers, that has been here for 27 years, insists on leaving it in the racks and powered on as we "might need that some day." I've gotten them to pull a few very old devices, but still working on these newer devices.