Do you know all of the devices on your network?
Knowing everything on the network and where they were was a big thing at a number of the other companies I ran, and it was poorly done in some cases. You started to need to air gap things off, but if you air gap, it's going to be even more difficult to find some of those things on the network.
None of the companies that would allow me to do that let me find all the things on the network and what they were dealing with. And then the engineering networks would say, "You can't get in there. We're separate," but then some of the things would come from the engineering networks first. So it was a big issue. That's why I actually started doing more microsegmentation. I won't say I was an Enterprise Certified Netware Engineer (ECNE), but I do remember some of that stuff. I literally had some of the group walking around with laptops into these segmented areas to do some of the testing, because that was most effective.
A lot of the places I’ve been at don't know everything that's on their network, but if we don't know what we have, we don't know how to protect it. At previous companies, only 20% of the devices were manageable devices (laptops). The rest were all sensors, cameras, printers—all these other things connecting to your network are credentialed and have access to everything.
So not only do we need to have better inventory and know what we have, we also need to know what they're doing. What action are they taking on the network? Is it normal behavior? How do we detect if a printer's doing something it’s not supposed to do, and then how do we take action on that?