News over the last few years has been thick with reports of major data breaches on corporate network infrastructure. In the cases of the Panama Papers, the OPM leak, and the Hacking Team leak, the results were catastrophic leaks of extremely confidential information. In truth, a determined and well-resourced attacker can always find a way in.

Having access to all the digital resources you might need, no matter where you are or what sort of network connection you have, has become a way of life for most. Whether you’re a business sharing data with other businesses, or a traveler who needs to stay in touch at all times, access to resources is a given. While applications hosted in the public cloud go a long way towards making location a non-issue, many resources are hosted privately for reasons such as security and privacy.

Unplanned downtime carries a hefty price tag for enterprises. In 2020, critical server outages cost enterprises on average at least $10,000 per hour, with 95% of respondents stating that the cost was $200,000 per hour or more. 40% said that the average cost was closer to $1 million per hour, and 17% lost $5 million or more for every hour offline. Those are some sobering statistics that demonstrate the importance of being prepared for the worst. But you’re thinking, “We back up everything!

Any cybersecurity breach is damaging to individual companies. But when it becomes a supply chain attack, the results can be chaotic and widespread. While most businesses overlook the dangers of supply chain cyber attacks, hackers have not. Malicious actors are continuously looking for, and finding, new ways to invade company networks. With these looming threats, companies must know how to prevent supply chain attacks and find new means of securing against cybersecurity breaches.

A cynical network engineer might say, “configuration drift happens when you take the day off.” Someone changed something they shouldn’t have, and didn’t tell anyone. As a result, the network gets just a little less secure, and a little harder to troubleshoot. And then it happens again. And again. And over time, all those little changes that people thought would never mean anything suddenly add up to a network looking a lot different from what it’s supposed to be.

When I’m speaking to any IT solution provider or managed service provider (MSP), one of the most common questions I’m asked is, “What’s the one mistake you’d recommend any IT businesses avoid?” My answer is always this: Not documenting your business. The reason is simple. If you don’t document your business, you’ll inevitably find your business is prone to an SPF—a single point of failure.

Healthcare SysAdmins haven’t just taken the concept of digital transformation to heart—they’re one of its largest proponents. Quality care improves patient outcomes, so healthcare organizations have embraced the idea of highly connected and digitally enhanced environments to help deliver that care. But while healthcare might often be at the forefront of the digital transformation and tech adoption wave, that doesn’t mean the process isn’t fraught with challenges.

A commonly used tool at the Cisco command line is the access control list (ACL). At their simplest, access control lists are collections of IP addresses that are used by a router, switch, or a firewall to identify network traffic that must be handled in a special way. Cisco and other network vendors use ACLs for many different purposes. This article focuses on IOS access control lists as used on Cisco routers, although much of this discussion applies to Cisco switches as well.

Continuous security (or control) validation helps me explain network security with one of my favorite analogies. Network security is like jiu-jitsu. You have no idea how strong your defenses are if you’re not rolling (sparring) regularly. Let’s take a closer look at continuous security validation, and explain why, just like jiu-jitsu, you need to keep your system in practice to keep it sharp.