Internal Network Monitoring

Most issues stem from INTERNAL Threats. Not all are malicious, just a byproduct of working with humans. Below are some facts about internal threats.

-About 1/3 of all security breaches stem from lost or stolen devices that took too long to discover were missing.
-Another 27% of breaches are caused by inadvertent misuse of data by employees which is often never discovered until well after-the-fact.
-An additional 12% of breaches are caused by malicious insiders, most of whom were never suspected of “being the type.”

In all, internal vulnerabilities in some form or another are responsible for a total of 70% of all data breaches.

Tier3MDSecure offers full Internal Monitoring protection. See the list below.

Access Controls

Restrict Access to Computers Containing ePHI to Authorized Users
Restrict Access to Systems in the Cardholder Data Environment (CDE) to Authorized Users
Restrict Access to Accounting Computers to Authorized Users
Restrict Access to Business Owner Computers to Authorized Users
Restrict Access to IT Admin Only Restricted Computers to IT Administrators
Restrict Users that are Not Authorized to Log into Multiple Computer Systems
Authorize New Devices to be Added to Restricted Networks
Restrict IT Administrative Access to Minimum Necessary
Strictly Control the Addition of New Users to the Domain
Users Should Only Access Authorized Systems
Strictly Control the Addition of New Local Computer Administrators
Investigate Suspicious Logons to Computers
Investigate Suspicious Logons by Users
Only Connect to Authorized Printers

Computers

Changes on Locked Down Computers Should be Strictly Controlled
Restrict Internet Access for Computers that are Not Authorized to Access the Internet Directly
Install Critical Patches for DMZ Computers within 30 Days
Install Critical Patches on Network Computers within 30 Days

Network Security

Remediate Medium Severity Internal Vulnerabilities (CVSS > 4.0)
Detect Network Changes to Internal Wireless Networks
Detect Network Changes to Internal Networks
Remediate High Severity Internal Vulnerabilities Immediately (CVSS > 7.0)
Only Connect to Authorized Wireless Networks