Pub. 14 2019-2020 Issue 2
Tech Talk — continued from page 21

Things to Look for in Firewall Rules

Next, how do we audit firewall rules? If you only take one message from this article, let it be this: “Do something.” Start with some basic ideas and work forward from there. Below are six ideas to get you started:

1. Evaluate your existing firewall change management procedures, ensuring all rule changes are logged, and that procedures for making changes to the firewall rules or settings are adequate. Firewall change management procedures are especially important if your firewall is managed by a third party.

2. Compare the current firewall rules against the previous firewall rules. Has anything changed? If so, why? Were these changes tracked (see above)?

3. Look for rules that seem out of place or odd. We’re talking about rules that are clearly out of place, like a rule allowing all traffic from a Russian IP address. If you don’t know enough about firewall rules to identify out-of-place rules, talk with a vendor or your IT department.

4. Ensure you know why specific external IPs are being allowed by firewall rules. Resolve those specific IPs to be sure they are appropriate if they are being allowed.

5. Look for hard-coded passwords in rules. If there are passwords hard-coded into firewall rules, is there a need for such a rule? Could hard-coding passwords be avoided? If not, has the password ever changed?

6. Evaluate open ports and ensure there is a business need for those ports. Sometimes, certain communications require the use of specific ports in firewall rules. Is the need for these communications still applicable and current? Has the organization documented the need for these open ports and accepted the risk? If the open port is no longer needed, can the rule be removed?

You don’t have to have a complete knowledge of firewall configurations and reports to meet this Baseline CAT control, but you must develop a process for reviewing your firewall rules and/or having them tested. It’s nearly impossible to understand what is abnormal if you aren’t aware of what is normal. Once you’ve established normal, the key is to ensure you act on any deviations within the reports.

For more information, contact David Edwards at 913-225-6382 or david.edwards@sbscyber.com. SBS delivers unique, turnkey solutions tailored to each client’s needs, including risk management solutions, consulting, auditing, and education. Learn more at www.sbscyber.com.
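As an added worked example (not part of the article), here is a small Python script that applies ideas 2, 3, 4 and 6 above to a normalized rule export: it diffs the current rules against the export kept from the previous review, then flags allow-all rules, external source IPs that are not on the documented approved list, and open ports with no documented business need. The rule format, the sample exports, the internal ranges and both approved lists are constructed for this example and stand in for whatever your firewall or vendor report actually produces.

```python
import ipaddress

# Added example, not from the article. Rule format is constructed:
# one rule per line, "<action> <proto> <src-cidr> <dst-cidr> <dport>".
PREVIOUS_RULES = """\
allow tcp 0.0.0.0/0 203.0.113.10/32 443
allow tcp 198.51.100.7/32 10.0.0.5/32 22
allow tcp 10.0.0.0/8 10.0.1.0/24 445
deny any 0.0.0.0/0 0.0.0.0/0 any
"""
CURRENT_RULES = """\
allow tcp 0.0.0.0/0 203.0.113.10/32 443
allow tcp 198.51.100.7/32 10.0.0.5/32 22
allow tcp 192.0.2.44/32 10.0.0.5/32 22
allow any 0.0.0.0/0 10.0.2.0/24 any
allow tcp 10.0.0.0/8 10.0.1.0/24 445
allow tcp 0.0.0.0/0 10.0.0.9/32 3389
deny any 0.0.0.0/0 0.0.0.0/0 any
"""
# Documented baseline (constructed): internal ranges, approved external
# source IPs, and inbound ports with an accepted business need.
INTERNAL_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]
APPROVED_EXTERNAL_SOURCES = {"198.51.100.7/32"}
APPROVED_INBOUND_PORTS = {"443", "22", "445"}

def parse(export):
    return [tuple(line.split()) for line in export.splitlines() if line.strip()]

def diff_rules(previous, current):
    """Idea 2: rules added and removed since the last review (order-insensitive)."""
    prev, cur = set(parse(previous)), set(parse(current))
    return sorted(cur - prev), sorted(prev - cur)

def audit(export):
    """Ideas 3, 4 and 6: out-of-place rules, unexplained external sources, undocumented ports."""
    findings = []
    for rule in parse(export):
        action, _proto, src, _dst, dport = rule
        if action != "allow":
            continue
        src_net = ipaddress.ip_network(src)
        any_source = src_net.prefixlen == 0
        internal = any(src_net.subnet_of(n) for n in INTERNAL_NETWORKS)
        if any_source and dport == "any":
            findings.append(("out-of-place: allows all traffic", rule))
        elif not any_source and not internal and src not in APPROVED_EXTERNAL_SOURCES:
            findings.append(("external source not documented", rule))
        if dport == "any" or dport not in APPROVED_INBOUND_PORTS:
            findings.append(("port without documented business need", rule))
    return findings
```

Each finding should be answered by either a documented business need and accepted risk, or a change request to remove the rule; a finding that nobody can explain is the deviation the article says you must act on.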