Welcome
 | 
My Account
Welcome
 | 
My Account
Welcome
 | 
My Account

CyberHealth

How Do I Know What’s On My Network?

July 22, 2022
Click image to view gallery

The first step towards protecting your computer network is to know exactly what is connected to it.  In fact, it’s the reason why having an “Inventory and Control over Enterprise Assets” is the first control in the CIS List of 18 Critical Information Security Controls.  However, many companies have devices connected to their network that are either not company owned and managed, are part of a broader piece of equipment that is enabled by default or has not been properly configured, or are personal devices brought to the workplace, all of which create potential vulnerabilities and entry points for cyber attackers.

It is actually easier than you think to conduct a network scan, and there are many free tools out there to assist you with conducting a scan of your network that can output a list of what is connected to it.  This can be done in minutes.  Once you’ve conducted that initial scan, it’s important to review the list of devices and determine whether the device should or should not be connected to your network.  If there are any devices you don’t recognize, it’s important to follow up and identify what that device truly is so you can determine if it should be connected and whether or not it is properly secured.  It may help to document your findings in the form of an inventory spreadsheet or system if you have one, so that you can leverage your list of known assets during your next scan.  You can also review your firewall or router’s DHCP logs to determine what devices have connected to your network in the past, or what is currently connected at a point in time.

With today’s quickly evolving threat landscape, the approach of “set it and forget it” is no longer adequate when it comes to network security.  Taking this important step to understand what is connected to your network can help keep potential vulnerabilities from becoming full blown cyber-attacks and keep your company secure.