You are here


IT Monitoring Buyer’s Guide: Does Your Monitored IT Estate Need Encryption?

<p>[[{"type":"media","view_mode":"media_original","fid":"11092","attributes":{"alt":"","class":"media-image","height":"512","style":"width: 220px; height: 220px; float: right;","width":"512"}}]]Security has gone mainstream. As we transition more aspects of our lives online and to mobile devices, the unintended consequence is that we leave ourselves more vulnerable. If the public didn’t know this before, it certainly does now, following years of high-profile data breaches and hacks of some of the world’s most prominent companies.</p>

<p>On the other hand, security is old hat for system administrators. Over the years, you’ve probably built a resilient, secure network that is resistant to whatever new vulnerabilities and exploits may surface. In building your highly secure network, though, did you consider adding encryption capabilities to your IT monitoring platform?</p>

<p>Encryption is a somewhat new addition to the world of IT monitoring, but it’s one that some sysadmins shouldn’t overlook. Cyber attackers will always search for the path of least resistance, and if it’s your monitoring system that happens to be vulnerable, that’s exactly where they’ll train their sights. They’ll paint a target on your IT monitoring platform and view it as the unlocked door leading to the rest of your network and whatever sensitive information it may contain.</p>

<p>If you’re a sysadmin that’s already built a secure IT estate, but aren’t sure whether encryption is a necessary add-on, then we’ve compiled just the resource you need. We’ve spoken to our own sysadmins about some of considerations around opting for encryption in your IT monitoring platform, and we’ve gathered them here, as part three of our ongoing “IT Monitoring Buyer’s Guide” blog post series:</p>

<h2>Why Encryption?</h2>

<p>Encryption is a fairly unique offering in IT monitoring at the moment. Some of the bigger platforms talk about it, but on the whole, encryption isn’t yet that widespread – most platforms don’t put as high an onus on how they store, handle or transport data.</p>

<p>This could be a major oversight for sysadmins presiding over highly secure networks, specifically in the verticals of retail, healthcare and finance. For these sysadmins, it’s not necessarily emerging threats they should be concerned with, but rather, hefty compliance requirements around how they manage and store sensitive information.</p>

<p>The compliance standards these sysadmins follow – as laid out by the Payment Card Industry (PCI), the Health Insurance Portability and Accountability Act (HIPAA) and the Sarbanes-Oxley Act (SOX) – are stringent and constantly evolving, and noncompliance could expose companies to financial penalties and reputation damage. It’s no small task for sysadmins to meet these requirements, especially given the size and complexity of some IT estates.</p>

<p>Encryption helps them to meet these goals.</p>

<p>[[{"type":"media","view_mode":"media_original","fid":"11093","attributes":{"alt":"","class":"media-image","height":"353","style":"width: 550px; height: 303px;","width":"640"}}]]</p>

<h2>How Encryption Works</h2>

<p>When sensitive network data are stored in plain text in the GUI or the database, that information isn’t safe. An attacker could break into the network tunnel between the central server and whatever is being monitored – and gain access to your network crown jewels.&nbsp;</p>

<p>By encrypting traffic to and from your central server and the servers and devices you’re monitoring, you’ll shield the information from attackers. Most importantly, even if an attacker is able to breach one corner of your network, they won’t have access to everything.</p>

<p>The highest level of encryption – AES256 – covers all passwords and sensitive data used within the monitored IT estate. This level is so secure that it’s used by the U.S. government to encrypt data in files classified as “Top Secret.”</p>

<p>With this degree of protection, sysadmins will be able to encrypt SNMP, database connection and web authentication credentials, as well as attributes – everything that could have previously been vulnerable.</p>

<h2>The Next Step</h2>

<p>Once you’ve decided on whether to introduce encryption to your IT monitoring platform, the next step is to continue maintenance on your IT estate to ensure it stays protected. It will be up to you to take it from here and to do the ongoing heavy lifting to keep your network secure – to determine the command lines you need to execute to test for a vulnerability, to configure your firewalls to block external threats and to find appropriate fixes.</p>

<p>But, the hope is that you’ll be doing far less of that once you use start encrypting.</p>

<p><strong>Don’t forget to check out the first two posts in the IT monitoring buyer’s guide blog series, which covered <a href=" count</a> and <a href=" And stay tuned for the next post, where we’ll dive into the types of environments you may need to monitor.&nbsp;</strong></p>

Get unified insight into your IT operations with Opsview Monitor

webteam's picture
by Opsview Staff,

More like this

Jan 11, 2016
By Opsview Staff, Administrator

This weekly series will provide a recap of the most relevant news to come out of the tech world over the past

Apr 25, 2016
By Opsview Staff, Administrator

This weekly series will provide a recap of the most relevant news to come out of the tech world over the past week, with a specific focus on IT...

Dec 15, 2015
By Paul Walter,

Janet, the publically funded academic computer network, suffered the latest in a long line of DDoS (Distributed Denial of Service) attacks on...