Cyber security responsibilities: who owns it?

The Stop. Think. Connect. campaign is five years old this year, and while it has achieved several of the goals it began with, much of the public’s increased awareness of cyber security has been based on the increasingly alarming data breaches of large corporations and the government.

Statistics from the campaign say that “Nearly two-thirds of the American public have heard, read or seen something about online safety and security issues recently. However, most of what the news they remember is negative: identity theft, privacy loss, and increased frequency of attacks.” Maybe that’s not a bad thing because to a degree, fear is a good motivator. You might think the nightly news would drive a feeling of helplessness among consumers, but according the Campaign there is a clear personal ownership side to attacking the problem:

  • 96 percent of Americans feel a personal responsibility to be safer and more secure online
  • 93 percent believe their online actions can protect not only friends and family but also help to make the Web safer for everyone around the world

There is a limit to what people feel like they can do on their own, with corporations and government retaining key responsibilities for cyber security. A couple of other stats point to this perception:

  • 61 percent believe that much of online safety and security falls under their personal control, and consistent with those feelings, 90 percent said they want to learn more about keeping safer on the Internet
  • 48 percent feel their actions to stay safe and secure can have a positive impact on financial, economic, and national security of the country, indicating Americans are open to making the bridge between their own safety and the nation’s security

Companies like Uplogix and other National Cyber Security Awareness Month Champions are doing their part to contribute to overall cyber security. Our advanced out-of-band platform makes it possible to remotely manage network infrastructure more securely and with fewer downtime events that often lead to breakdowns of secure procedures.

As a closed appliance, we’re inherently more secure than other console servers on the market. The underlying Linux OS does not have root access, which eliminates threat vectors possible with an open console server. Beyond the separation from the OS, the Uplogix platform is FIPS 140-2 Level Two Certified — not just a component of the solution like a FIPS-certified Open SSL library. Our solid state hard drives are available with AES-256 disk encryption, and only the SSH port is open by default.

Our feature set extends role-based administrative access policies to devices with detailed auditing and reporting for compliance when the network is up, or down. This is important, because in the heat of the moment when network problems arise, urgency often prevails over security. Break-glass root passwords are issued to empower technicians to console connect to devices and resolve issues, any centralized administrative audit is off-line, and carefully crafted policies intended to protect data are quickly bypassed setting the stage for a serious breach, unintended or not.

For more information on how Uplogix can improve cyber security in your network management, take a look at out-of-band for stronger network security.



Subscribe to Blog Updates

More Posts

Uplogix Resource Center

Uplogix attacks the challenges of network management from a different angle. Take a few minutes to browse through our Data Sheets, Case Studies and additional resources to see for yourself.