Security vulnerability in any network can be found and exploited by hackers and others in no time. The only questions are when this will happen and how much damage an individual could do once they’ve gained access to the network.

Recognising this reality, most organisations test their own networks for security weaknesses, whether to meet compliance requirements or simply as a best practice. Those that aren’t doing this now should start—the sooner, the better.

There are a variety of methods that can be used for these tests, each of which has its strengths and weaknesses. For example, some can be performed relatively quickly and easily, while others are more complex and exhaustive. Determining which method is right for a particular organisation or situation can be overwhelming to say the least, particularly for those lacking advanced IT skills. The below overview of the most common testing practices will help make sense of the often-confusing array of options to help organisations ensure the highest level of network security and protection.

Vulnerability scans

When run on a regular basis,
vulnerability scans can serve
as an early warning that software
is out of date or patches are
missing or misconfigured

Vulnerability scans rely on mostly automated tools to find potential vulnerabilities at either the network or application level. Of the two, network scans are the more basic, looking for known common vulnerabilities in widely used commercial and open source software and reporting any that are found with ratings that identify the level of severity.

The advantages of network vulnerability scans lie in their speed, cost efficiency, and safety, which make them ideal for ensuring that the latest system patches and updates have been deployed and that security configurations are as stringent as possible. When run on a regular basis, these scans can serve as an early warning that software is out of date or patches are missing or misconfigured.

Many organisations only test their networks from the Internet. It’s true that Internet facing-vulnerabilities are the most well-known and well-publicised and may seem like the easiest for an attacker to exploit, but there’s much more to the story. Specifically, by limiting scans only to external threats, organisations remain unaware of exactly what an attacker could accomplish once the network has been breached, for example by tricking a user into installing a backdoor via a phishing email. What internal network vulnerabilities could an attacker exploit to move between systems once they’ve gained a foothold? Without testing internally, there’s no way to know the answer to this question until it’s too late.

Attackers regularly target and leverage vulnerabilities in custom applications to access the data they contain or breach the underlying network
Organisations must also test from inside the firewall to discover what an attacker could accomplish once the network has been breached

Internal network scans

Therefore, in addition to network vulnerability scans, organisations must also test from inside the firewall. But it’s important to note that even internal network scans can leave blind spots since, by default, scanners only check services that listen for network communications. Unfortunately, many attacks are made possible by phishing, drive-by-downloads, and other campaigns which target web browsers, PDF viewers and other client software that a network scan will skip over. Using these tactics, attackers can then exploit vulnerabilities in other local operating systems to gain administrator privileges.

There is a way to eliminate these blind spots by configuring scanning tools with authentication credentials that enable them to log in to their targets during internal scans, allowing them to check local software as well. This approach will give the most complete view of the status of an organisation’s patches and configurations.

Even internal network scans
can leave blind spots since,
by default, scanners only
check services that listen for
network communications

The other main shortcoming of network vulnerability scanners is that they are only as good as their vulnerability signatures, which are based on existing databases of known vulnerabilities. This means they cannot identify flaws that haven’t yet been reported publicly, including those found in more obscure or custom applications. This can present significant risk, as attackers regularly target and leverage vulnerabilities in custom applications to access the data they contain or breach the underlying network. This is where application vulnerability scans come in.

Application scanners

Application scanners are designed specifically to identify these previously undocumented vulnerabilities found in custom applications. Unlike network scanners, these tools exercise all of an application’s functionality to find common types of flaws, rather than looking for a list of known vulnerabilities. However, because of the amount of data these scanners send to an application, they must be used very carefully. No organisation wants to become another entry on the long list of stories about application scanners dumping garbage data into a database or triggering thousands of emails.

That said, regardless of how advanced application scanners may be, they are still incapable of catching a number of vulnerabilities, especially those that are too subtle for the scanner to pick up on but which would be obvious to a human observer. As is the case with network scans, a clean report by an application scanner is a good start but is no guarantee that there are no problems. Organisations should build on these scans with deeper, more complex and thorough methods, such as penetration testing.

Each of these network vulnerability testing methods brings its own strengths and weaknesses to the overall security equation
Penetration testing brings skilled, "white hat" hackers into the mix to simulate real-world attacks

Real-world testing

Organisations often make the mistake of concentrating their network security efforts on fixing only those vulnerabilities identified by scans as being critical or high-severity in nature, which is a highly ineffective practice. Why? Because real-world breaches are rarely perpetrated on the basis of a single critical network vulnerability. Instead, attackers recognise the tendency to focus on only “serious” problems and often chain together multiple low- to medium-severity network vulnerabilities or combine them with “local” vulnerabilities that are invisible from the network.

Building on network and application vulnerability scanning, penetration testing brings skilled, “white hat” hackers into the mix to simulate the kind of real-world attacks against an organisation’s network services, applications, or even both simultaneously. Like malicious attackers, these testers attempt to combine vulnerabilities uncovered by scanners while also looking for those that the scanners are incapable of detecting. While this process is more time-consuming and costly than deploying scanning tools alone, it provides a more realistic assessment of just how much effort an actual attacker would need to put forth to breach an organisation’s network and data.

No matter how careful penetration
testers are in their efforts, it is
always possible that a host would
be knocked offline temporarily or
data in a database altered

Potential unintended consequences

Each of these network vulnerability testing methods brings its own strengths and weaknesses to the overall security equation, underscoring the reality that no testing— regardless of how important or critical it may be—comes without risk. For example, no matter how careful penetration testers are in their efforts to exploit flaws and vulnerabilities without causing damage, it is always possible that a host would be knocked offline temporarily or data in a database altered.

Organisations need to be aware of these potential unintended consequences. It is important to understand that the skill level of the testers will largely determine the success of testing, so organisations should seek out testers with strong experience and skillsets. One final note is that regardless of how tempting it may be to cut costs by limiting the scope of testing, the potential long-term costs—network disruption, data theft, damage to reputation, etc.—could be far greater than today’s savings. For this reason alone, the higher cost to an organisation of having an established, experienced team perform exhaustive testing can actually turn out to be a tremendous bargain.


Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version

Author profile

Christopher Camejo Director of US Threat and Vulnerability Analysis, NTT Security (US) Inc

In case you missed it

Thermal cameras and smart cities: Preventing COVID-19 in public places
Thermal cameras and smart cities: Preventing COVID-19 in public places

With the pandemic still in full swing and no certainty as to when exactly it will come to an end, the world has been battling anxiety for months now. And with each day, circumstances change quickly and almost make it impossible to predict what will happen next, how events will unfold, and what actions to take in light of a new situation. But one thing is certain: the world has been shut down and paralysed for way too long, and the eventual reopening is unavoidable – in fact, it’s well under way. In this situation, what is possible to control is how the world will continue reopening – and specifically, how to ensure the safest possible reopening that will ensure the return of some degree of normalcy to people’s lives and business operations, while also managing the risk of COVID’s spread in the most efficient way. Our highly digitised, technologically advanced world This is when the power of technology comes to rescue the day: what truly sets the global crisis we face today apart from other calamities that humanity has encountered over year is the fact that it has developed in a highly digitised, technologically advanced world where each day brings about innovations with a sole purpose to make daily life and operations easier and more streamlined. And among these, the star of the past decade has been artificial intelligence. The world has been shut down and paralysed for way too long, and the eventual reopening is unavoidable – in fact, it’s well under way While AI has many avenues of introducing efficiency and fast problem-solving, there is one specific application that will further fuel the reopening of the world and successfully keep the spread of the virus abate. This “collaborative security” application includes a synthesis of smart video analytics, facial recognition, object identification/detection, and thermal cameras that can support the reopening of businesses globally when installed within those facilities frequented by customers. With such a level of sophistication that can ensure uninterrupted monitoring and analysis of large public spaces, these AI technologies can ideally operate best as cloud solutions to ensure a collaborative network with maximum scalability and widespread implementation. As these technologies increase in ubiquity and find their way into daily operations of businesses globally, the cost of the smart solutions will decrease proportionally to the growth of their reach. There are some highly specific ways to create this collaborative network of interconnected safety tools in the current climate. Here are some applications that have been successful to date and will increase in usability in the foreseeable future, creating “smart cities” working together towards a safer, more secure world. Maintaining social distancing practices The most important step everyone around the world has taken to contribute to the effort of slowing the spread of the virus has been social distancing. A six-foot-distance has become a new social norm that has quickly been adopted globally and become a habit to people who are naturally used to being close to others and socialising without giving distance a second thought. The star of the past decade has been artificial intelligence So, it is natural that such distancing measures take time to get accustomed to – and it is also natural that individuals may forget about them from time to time. To help maintain the six-foot distance between people at all times and give them slight nudges to keep the rule top of their minds, AI video technology can be trained to estimate the distance between individuals in public and commercial areas and identify the cases in which people get too close to each other. By notifying local merchants or authorities about such cases, the system can help ensure the safety of everyone in the area at all times while positively reinforcing the public to gradually get more accustomed to maintaining the distance and thus helping stop the spread of the virus. Detecting the virus through facial recognition Perhaps the straightforward application of such high-level technology is using video surveillance to identify persons of interest who have tested positive for the virus. Modern AI has the ability to identify facial features and characteristics with a unique level of granularity, making it possible to identify individuals whose records show they have antibodies from those who can be potential carriers of the virus. After the initial differentiation and identification, the system can then notify the employers and employees of the facility about the results of the conducted analysis and the pursuant results, allowing them to be more vigilant and take action where necessary to ensure a safe experience for everyone. PPE reinforcement Wearing a mask or some sort of face coverage in public spaces and especially within facilities (such as stores, for instance) has been - and will continue to be - a requirement for maintaining a safe and healthy environment for people to continue with their day-to-day lives and businesses to resume regular operations. To this extent, the object detection and identification abilities of smart cameras can further reinforce this requirement and ensure that the absence of protective equipment doesn’t go unnoticed.  Essentially, these cameras can easily identify if an individual has coverage at any given point of time or not, notifying the local authorities about any risks immediately and helping them maintain necessary safety measures without having to interrupt their workflow or worry about missing a visitor without a mask. Detecting high temperature One of the key (and the most widespread) symptoms of COVID-19 is a high fever - a certain indicator of whether an individual may have been infected with the virus or not. While identifying fever with a regular human eye is nearly impossible, AI can do so at a fraction of time by quickly scanning body temperatures of any incoming individuals and determine whether it’s above CDC’s recommended temperature of 100.4F in order to determine the risk factor and notify the local authorities to take action. Modern AI has the ability to identify facial features and characteristics with a unique level of granularity This technology is a good tactic to objectively assess potential risks that come with elevated temperatures - and sometimes, the people themselves might not realise they might (unconsciously) be carriers of the virus and thus endanger the safety of others in their vicinity. The technology is yet another step towards ensuring a safer reopening of the global economy and a more streamlined way of getting back on track while minimising the risk of spreading the virus further. It’s not all about the theory  We have tested the described approaches in our own R&D campus in Europe. The latest release of the IREX cloud enables remote fever detection and monitoring of social isolation and mask policies with AI. We have integrated thermal cameras to detect people with elevated temperature and CCTV cameras for identification and notifying those who potentially ill. In case of any health threat, the venue manager gets an instant message with a picture and exact location. These preventive steps helped our employees return to the office months earlier than it's happening in other countries. Moreover, personnel coming back to the office by their own wish as now they feel a virus-free environment in the campus - even safer than in their own homes. Now we are launching a pilot project for a well-known pharmacy chain in Florida, USA. With the help of a Computer Vision platform, staff will be able to divide customer traffic into those with normal body temperature and those who come in with elevated temperatures, as well as effectively monitor social distance norms. The goal of our potential client is to maximise the safety of customers in the post-pandemic period. Also, IREX is already deployed across hundreds of locations in the UK and will add health monitoring capability soon.

Why cloud-enabled physical security must be part of your long-term digital strategy
Why cloud-enabled physical security must be part of your long-term digital strategy

COVID-19 and the resultant lockdown saw an unprecedented demand for cloud-enabled technologies across Europe. Such services enabled people to stay connected and allowed some businesses to relocate personnel and continue to operate successfully. With enterprise-focused video conferencing mobile app downloads showing a weekly 90% increase in comparison to pre-COVID-19 figures, it’s clear that cloud services have proven invaluable in these challenging times. Now, as the benefits to business of cloud technology become apparent, and the grip of COVID-19 begins to loosen, senior decision makers must consider the learnings from the past few months and look to apply them to boost productivity, streamline costs or become more agile in the long term. Digital transformation presents some enticing advantages for those companies that have been slow to adapt. The physical security industry, traditionally video surveillance cameras (CCTV) and access control, will have witnessed how cloud infrastructure is not only cost effective and safe, but is a force multiplier for connecting platforms, services and people with potent business benefits. The future is VSaaS and ACaaS In today’s modern, connected world, dated technologies are giving way to their cloud-enabled successors, video surveillance as-a-service (VSaaS) and access control as-a-service (ACaaS). In this context, cameras and readers are added to a network as IoT devices that bring security systems up to date and represent a vital component in any modern, cyber-secure digital strategy. Frictionless access control has meant touch free access to buildings But better security is just one benefit of a much greater system that can bring real value. Built in analytics, for example, that utilise the data from network video cameras and smart access control devices, produce valuable business insights that help to inform and automate decision making. In the recent pandemic, frictionless access control has meant touch free access to buildings; while occupancy tools have helped retailers adhere to strict government guidelines on social distancing. And as more security equipment becomes connected to the wider IT network, the advantages have not been lost on the IT industry that is expressing more than a passing interest in the adoption and management of such systems. Morphean recently conducted a survey of 1000 IT decision makers across the UK and Europe, with the purpose of providing clarity around their security purchasing intent in the 2020s. Findings revealed that as many as 84% of IT managers are currently using or considering VSaaS or ACaaS systems, pointing to an appreciation of the convergence of physical security and IT security, and a willingness to embrace systems when integrated with IT in the cloud. An adaptable business model with recurring revenues Of course, it is not just the IT industry that is changing mindsets towards hosted physical security. As a result of COVID-19, end customers are demanding it too and found it easier to scale at speed when business circumstances changed. Rather than being tied to fixed IT infrastructure on premises, a hosted solution offered greater dexterity as operational challenges around the pandemic arose. Businesses were able to customise and scale quickly to meet ongoing need without the need for large upfront capital investment, instead, paying for the convenience as-a-service out of operational expenditure as a monthly cost. This is the proven business model of cloud, yet the security industry has been slow to adopt it. One key challenge is the way in which the prevalent business models in the sector operate. VSaaS is still alien to installers and integrators used to selling hardware on narrow margins, reliant on existing financial arrangements with distributors to fund new equipment. Transitioning to sales cycles based on monthly licences rather than up-front purchases won’t be easy, but the security channel must learn how if it is to remain competitive and drive new business opportunities. This recurring revenue model will be interesting for the physical security industry who will have witnessed uncertainty and, in some cases, a downturn in revenues as decisions around capital expenditure were put on hold during the crisis. Instead, convenient and recurring monthly payments will have put the installer on a firmer footing and guaranteed ongoing vendor support backed by the latest software updates and firmware upgrades to ensure delivery of a high quality service that’s always up to date and online. What is driving your digital strategy? VSaaS and ACaaS provide a flexible and fluid security and business solution Cloud is here to stay. Its resilience and ability to connect the world during the COVID-19 pandemic has proved its worth, even to the uninitiated who have now witnessed first-hand the value of connected systems. VSaaS and ACaaS provide a flexible and fluid security and business solution to meet the demands of a rapidly evolving industry, where the changing threat landscape means investing in the cloud is an investment towards success. CEOs and CIOs within the physical security reseller industry must learn the lessons and apply the learnings to drive their businesses forward in the ‘new normal’ where hosted security solutions must surely play a major part to expand their offering to a wiser customer base. Cloud-enabled physical security solutions represent an investment into improving security and operations, and a chance to forge new business relationships to face the challenges of an ever changing world.

Facial recognition: Contactless solutions for a safe, post-pandemic world
Facial recognition: Contactless solutions for a safe, post-pandemic world

Facial recognition technology has come a long way since it first came to market several years ago. Initially plagued with technical challenges and widely viewed as a futuristic solution, facial recognition is now firmly implanted in numerous consumer and business products and applications. New advancement in software, specifically in the areas of algorithms, neural networks and deep learning and/or artificial intelligence (AI), have all dramatically improved both the performance and accuracy of facial recognition, further expanding its use for an increasing number of applications. From a purely business perspective, facial recognition’s powerful identification and authentication capabilities make it ideal for two primary applications: first as a security tool, and second as a workforce management solution. The touchless, accurate credential solution Facial recognition readers meet the new emerging need to limit physical exposure to germs and viruses Even before the COVID-19 pandemic, the touchless nature of facial recognition as an access credential was gaining traction with physical and cyber security professionals. By using an individual’s face as an access control credential, facial recognition eliminates the need and expense of physical cards and proximity devices, or the need to physically enter PIN codes. In addition, facial recognition readers meet the new emerging need to limit physical exposure to germs and viruses by offering a highly accurate touchless access control credentialing solution. As a workforce management tool, facial recognition helps preserve the health of employees checking into work, while providing management with an infallible means of documenting employee time and attendance while providing a detailed history of overall workforce activity and individual personnel tracking. Both of which have been longstanding challenges due to easily compromised time tracking systems and practices. Now, nothing is left to question based on hard data. With the growing popularity of facial recognition technology, there are many choices already available with more undoubtedly on the way. Selecting the right solution for your specific access control and/or workforce management application is dependent on a very wide range of variables. But there are a few core characteristics that you should look for when evaluating facial recognition readers. Wide and near-angle LEDs Most facial recognition terminals employ some form of IR (Infrared) technology to help ensure high visibility by the unit’s image sensor. This often limits where the unit can be installed such as outdoors or near windows due to strong ambient light. More advanced facial recognition readers employ as many as 80 wide-angle near infrared LEDs and 60 narrow-angle near infrared LEDs, allowing the unit to recognise faces even in full daylight and brightly lit environments (not direct sun). This enables installation at indoor locations near windows, lobbies and building entries. 3D pixel intensity distribution analysis Another facial recognition reader advancement to look for involves three-dimensional pixel intensity analysis. Ambient lighting contains ultraviolet rays which can negate near infrared LED lighting, and can also cast shadows making it difficult for a facial recognition reader to pinpoint the facial recognition points required for identification and authentication. Three-dimensional pixel intensity distribution analysis minimises the effects of ambient light when acquiring facial images by minimising lighting contrasts. As a result, it is easier for the algorithm to recognise the shape of the face, enabling it to extract more facial features and create higher quality face templates, which are critical for accurate facial recognition. Functional ergonomics This results in a faster, more comfortable, and convenient user experience The angle and position of a facial recognition reader directly impact the performance of the unit. Facial recognition readers with different viewing angles for built-in visual and infrared cameras allows users to stand at positions that are most suitable for facial recognition with little or no effort of contortions. This results in a faster, more comfortable, and convenient user experience. High performance processing Like any intelligent edge device, the performance of a facial recognition solution is directly reliant on its processing power. New advanced facial recognition readers deliver exceptional performance by employing enhanced face template extraction technology combined with powerful processor. For example, a facial recognition reader with a 1.4 GHz quad-core processor can perform up to 3,000 facial database matches (1:N) within one second. More advanced solutions also feature Group Matching functionality capable of executing up to 30,000 matches within one second. Live face detection It is most important that the facial recognition readers you evaluate are capable of analysing faces in real time to maintain fluid entry/egress even during high volumes of employee traffic. Hardware-dependent live face detection systems employing technologies such as facial thermogram recognition and facial vein recognition require expensive hardware components, provide less accurate matches and slower authentication performance, which is counterintuitive for mainstream access control and workforce management applications. Dual authentication for added security Although the use of an advanced facial recognition reader provides the convenience, health benefits and cost-savings of touchless identification and authentication, there are many applications where more than one credential may be necessary to ensure the highest levels of security. Advanced facial recognition readers with multimodal, multifactor credentialing capabilities provide this added security benefit. For example, facial recognition readers that support multiple RFID proximity devices supporting 125 kHz and 13.56 MHz provide varying degrees of protection and greater implementation versatility. Videophone or intercom capabilities Facial recognition readers with multifunctionality can solve several challenges with one solution Facial recognition readers with multifunctionality can solve several challenges with one solution. A perfect example includes devices with SIP (session initiation protocol) videophone capabilities which effectively eliminate the need and associated expense of  installing separate intercom devices while adding another layer of security to one’s facility. The COVID-19 pandemic, and hopefully soon to follow post-pandemic world, have surely accelerated the need for highly accurate, cost-efficient, and reliable facial recognition technologies to help get people back to work safely. Selecting the right facial recognition solution for your specific access control and/or workforce management is now more important than ever before, making a little extra due diligence during the evaluation process a smart decision.