🔓 Introduction: Internal Network Breach
Following a recent security upgrade, Jordan, the Chief Information Security Officer (CISO), and the Managed Security Service Provider (MSSP) team are confronted with an internal challenge. The IT department has bypassed the established network protocols and set up its own network for downloading games and anonymizing its online activities.
🌐 Act 1: Detection of Unauthorized Activity
The MSSP’s network monitoring solutions alert the team to abnormal network traffic patterns occurring after hours. Investigation by the security team reveals an unsanctioned network, complete with unapproved applications and proxy configurations, presenting a clear security violation.
🔓 Act 2: Constructive Remediation
Jordan engages with the IT department through dialogue, seeking to understand their needs and educating them on the security risks of their clandestine network. This proactive engagement serves to align IT operations with security policies while maintaining an open line of communication.
🔧 Act 3: Systems and Policies Update
To prevent future unauthorized network setups, Jordan and the MSSP implement the following changes:
Policy Refinement: The network usage policies are updated to balance the IT department’s requirements with security needs.
Authorized Requests Process: A formalized process is established for the IT staff to request access to new tools and websites, ensuring they are vetted for security before approval.
Regular Security Briefings: Security briefings are introduced to keep staff informed about the importance of adhering to the network policies and the dangers of shadow IT networks.
Enhanced Network Monitoring: The MSSP improves their network monitoring to catch any unusual activity and unauthorized setups more effectively.
🔜 Teaser for Episode 19: “Diving for Data”
As Jordan and the MSSP tighten their network security, they face a new kind of threat: Dumpster Diving. Sensitive data discarded carelessly threatens the company’s privacy.