{"id":22921,"date":"2017-01-04T05:00:55","date_gmt":"2017-01-04T13:00:55","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=22921"},"modified":"2016-12-29T09:45:55","modified_gmt":"2016-12-29T17:45:55","slug":"dont-let-users-unknowingly-weak-link-security-infrastructure","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2017\/01\/dont-let-users-unknowingly-weak-link-security-infrastructure\/","title":{"rendered":"Don\u2019t Let Your Users Unknowingly Be the Weak Link in Your Security Infrastructure"},"content":{"rendered":"

Hackers are becoming increasingly stealthy and creative, relentlessly trying to gain access to sensitive data, while organizations work tirelessly to prevent security breaches and data theft. In this complex game of cat and mouse, security practitioners are being forced to rethink how they identify and control traffic on the network, shifting to an application-focused approach, rather than port- and protocol-based policy, to defend against successful cyberattacks and uphold business integrity.<\/p>\n

User-based access controls, based on user identity information, rather than IP address, allow organizations to safely enable applications traversing the network, make informed decisions on network access, and strengthen overall network security. Here are four reasons why you should take advantage of user-based access controls, called User-ID, on your Palo Alto Networks next-generation firewall (NGFW):<\/p>\n

1. Complete Network Visibility<\/strong><\/h3>\n

Improve network visibility by mapping network traffic to users, rather than IP address. Application visibility based on users provides an organization with a more relevant picture of network activity, along with the power to quickly determine associated risks and respond accordingly. User-based access policies can be applied to application, URL, and file type accessibility, reducing the organization\u2019s risk of initial attack, lateral threat movement, and insider threats by ensuring that data movement to and from users is both allowed and approved.
\n<\/strong><\/p>\n

2. Simple Security Policy; Simple Life<\/strong><\/h3>\n

Security practitioners do not have the time nor resources to invest in tracking thousands of IP addresses and complex security rules. Access controls based on User-ID, user identity, who is allowed or required to do what, dramatically simplifies the rules and safely enables applications, while simultaneously reducing the administrative effort associated with end-user moves, adds and changes. User-based access policy eliminates the need for a multitude of location-specific rules, as well as the need to dynamically adapt to the most appropriate policy for individual users and user groups, even as users move around the office, or outside the corporate network with various devices on different network addresses.
\n<\/strong><\/p>\n

3. Minimum Access; Maximum Control<\/strong><\/h3>\n

End users \u2013 employees, customers, partners \u2013 must be able to access required information repositories, as well as the Internet, to perform various functions of their jobs. Leveraging user-based access controls to analyze application threats and web surfing activity in terms of individual users, or groups of users, ensures access to mission-critical resources, and restricts access beyond the scope of approved means. When determining accessibility parameters, align application usage with business requirements following the principle of least privilege \u2013 minimum access based on job requirements \u2013 and, if appropriate, inform users that they are in violation of policy, or even block their application usage outright. User-based policy follows users regardless of location or device.
\n<\/strong><\/p>\n

4. Increased Security; Better Forensics <\/strong><\/h3>\n

It\u2019s important to have the right user-based access controls in place to manage the identities and access of both internal and external employees, customers and partners. Knowing who is using each of the applications on your network, and who may have transmitted a threat or is transferring files, reduces incident response times and allows for damage control if an attacker does successfully infiltrate. In addition, user-based access policy ensures an attacker will only gain access to a small portion of data on the network, rather than the entire net worth of information. For maximum security protection and breach prevention, employ the right user access to mechanisms not only on the applications and endpoints that users access, but also on the organization\u2019s next generation firewall infrastructure.<\/p>\n

To learn more about the benefits of leveraging User-ID, user-based access controls, on your Palo Alto Networks NGFW:<\/h3>\n