Network administrators are responsible for protecting enterprise data from a number of security threats. Here are 10 bad habits they must avoid to be most effective.
Every enterprise's network is made up of devices that transmit and store information, which are increasingly at risk as the cyberthreat landscape grows more sophisticated. Network administrators play a key role in protecting the network from unauthorized access, data loss, malware, and security breaches, by implementing end-to-end controls.
However, several common mistakes arise in the field that can put your company at risk. Here are 10 bad habits network administrators must break to be most effective in their role.
1. Failing to update policies frequently
Policies are living, breathing elements of networking, which need to be revisited regularly to address the internal and external changes for monitoring and managing the network, according to Kyle Gingrich, vice president of IT & Certifications at Skillsoft. "Networks are combinations of multiple third party equipment and applications, so as network administrators make changes, those components policies may be impacted as well," Gingrich added.
2. Doing everything manually
When you automate processes, you get rid of a dull routine, improve efficiency, and have more control over the entire IT infrastructure, according to Brad M. Shaw, president and CTO of Dallas Website Design Inc. Further, "from a security point of view, automation makes it easier to audit and analyze activity patterns rather than doing the same job with unstructured manual procedures," Shaw said.
SEE: Network security policy (Tech Pro Research)
3. Making changes without logging them in change control
It can be easy to say "I'll just make this one little config change," said Jim Frey, vice president of strategic alliances at Kentik and former network industry analyst. "But when someone else is trying to figure out why something is broken a few days or weeks later, it's essential to understand what changed versus the expected baseline. That's why having a change control process is critical."
4. Believing that your network is impenetrable
Over-confidence in the safety of your network can lead to a hack or a security threat gone unnoticed, according to Lindsey Havens, senior marketing manager at PhishLabs. Forgetting the safety of the entire network's environment is another related mistake, she added. "Sometimes network administrators get too caught up in putting out immediate threats and cyber concerns that they don't check the overall effectiveness of the entire security system," Havens said.
Public cloud infrastructure and cloud-delivered network services continue to present blind spots for network administrators, said Moshe Elias, director of product marketing at Allot Communications. "Network visibility is invaluable when it comes to security because it shows IT pros their security gaps before they become problems, reducing the risk to data," Elias said. "Network visibility tools will continue to grow rapidly in the future based on evolving security challenges, ranging from shadow IT to IoT security, and the ongoing adoption of public cloud and network virtualization."
Failing to protect network access can also be a major pitfall, said Gingrich said. "Hackers shouldn't be able to get to 'the keys of the kingdom' through one access point or data storage location," Gingrich said.
5. Experiencing alert fatigue and short-term thinking
Alert fatigue is the term used to explain the phenomenon of network administrators and other security analysts not responding to security alerts simply because they receive so many each day. "Too many incoming alerts are creating a general sense of overload for anyone in IT," said Christopher Ensey, COO at Dunbar Security Solutions. "Security is an area where we are seeing explosive growth in new tools and the volume of notifications is exponentially growing. Network administrators need to implement a better means of filtering, prioritizing and correlating incidents."
SEE: IT Networking Fundamentals Certification Training (TechRepublic Academy)
Because the network administrator becomes used to putting out fires, their default attitude becomes one of making short-term decisions about fixing issues, rather than being a part of approving technologies or processes that support business transformation or encourage innovation, according to Greg Hoffer, vice president of engineering at Globalscape.
"Putting out fires is important, but when that becomes a habit, network administrators miss an opportunity to be a contributor to the success of the organization," Hoffer said. "In my experience, when the IT team has a strong understanding of the company's mission and their role in achieving shared goals, there is greater empathy for the mandates and challenges of individual departments that leads to better cooperation and an appropriate sense of urgency, and encourages IT to take an active role in implementing and enabling the organization's vision."
6. Failing to keep skills updated
With the constant pace of change in the tech industry, if an IT professional is not constantly learning, their skills are getting stale, according to Peter Tsai, senior technology analyst at Spiceworks. "Network administrators who become complacent in their jobs without exploring new ideas, methodologies, or technologies run the risk limiting their career opportunities in the future," Tsai said. "Even if hands-on training with emerging tech is not available on the job, IT pros can combat getting left behind by taking training courses, pursuing certifications, and setting up home labs to gain more knowledge and experience."
Networking policies and threats in particular change constantly, Gingrich said, and keeping current is key to protecting a network.
7. Using command-line interface to troubleshoot your networking
Network administrators need to get away from logging into the command-line interface (CLI) in their network equipment to manually troubleshoot network performance problems, according to Justin Ryburn, a technical marketing manager at Kentik and former network engineer. "Instead, they should build tools that leverage internal and external APIs and databases to provide them with the performance alerts and information they need," Ryburn said.
8. Allowing ports and protocols outbound to the internet
Allowing access to any port and protocol out on the internet is a bad idea, according to IT consultant Ben Piper. "Allow only the standard tcp/80 for http, tcp/443 for https, and whatever else you know your organization requires. Block all else," he advised. Also, because some malware uses SSH (tcp/22), network admins should only allow it per-destination IP address, Piper said.
9. Using scripting to hack at automating networking
"Especially as IT continues to modernize at a rapid pace, one bad habit that network administrators need to break is incorrectly using scripting to hack at automating networking," said Cortney Thompson, CIO of Green House Data. "While scripting can significantly ease the burden of network administration, it must be done within a framework, as opposed to applying a hodgepodge, or trying constantly bridge legacy code gaps."
A DevOps model can offer a more efficient and scaleable direction for network automation, Thompson said. "This allows considerations for aspects of tooling, code pipeline, immutable infrastructure, upgrades, and resilience," she added." Applying a DevOps model to networking helps realize the DevNetOps benefits which support continuous integration and continuous deployment."
10. Poor monitoring discipline
Poor monitoring discipline is an easy habit to pick up, as networks have grown in size, complexity, and geographic distribution, according to Patrick Hubbard, head geek at SolarWinds. The growth of the cloud has also made it more difficult to pinpoint the root causes of performance issues. And often, network admins are siloed from server admins, storage admins, and others, with little cross-discipline monitoring.
"Monitoring across multiple disciplines instead of the traditional silos can provide a cohesive view across an organization's IT spectrum, and thus ridding the bad habit of the old way of monitoring can make root cause analysis much more efficient and accurate, reducing costs in the process," Hubbard said. "For network administrators to be most effective at their job, they need to expand current skillsets to effectively monitor hardware, networks (i.e. NetFlow and syslog), applications, virtualization, configurations, cloud and even containerized workloads."
- 10 tips to help you become a Google Chromebook power user (TechRepublic)
- Is 'admin' password leaving your IoT device vulnerable to cyberattacks? (ZDNet)
- 10 bad habits cybersecurity professionals must break (TechRepublic)
- Your website suffers 22 cyberattacks per day, here's how to stay protected (TechRepublic)
- Configuration management policy (Tech Pro Research)