The National Security Agency has published three cybersecurity information sheets outlining critical mitigation strategies to safeguard organizations’ edge device systems, including firewalls, routers and virtual private network gateways.
The publication provides guidance to secure edge devices and recommendations for tactical, operational and strategic personnel to enhance network security and bolster resilience against cyberthreats, NSA said Tuesday. The documents were released in collaboration with participating agencies from Australia, Canada, the United Kingdom, New Zealand, the Netherlands, the Czech Republic, Japan and South Korea.
Table of Contents
Prioritizing Edge Device Security
The documents highlight the importance of prioritizing edge device security so organizations can better protect their endpoints, critical services and sensitive data, according to Eric Chudow, a cybersecurity vulnerability expert at NSA. “Edge devices act as boundaries between organizations’ internal enterprise networks and the Internet. If left unsecured, even unskilled malicious cyber actors have an easier time finding and exploiting vulnerabilities in their software or configurations,” he noted.
Guidance for Securing Edge Devices
The “Mitigation Strategies for Edge Devices: Executive Guidance” report is designed to guide executives responsible for the deployment, security and maintenance of enterprise networks. It provides mitigation strategies for managing and securing edge devices, such as knowing the edge, procuring secure-by-design devices, applying hardening updates, implementing strong authentication, disabling unnecessary features and ports, securing management interfaces and centralizing monitoring for threat detection.
Meanwhile, the “Mitigation Strategies for Edge Devices: Practitioners Guidance” guide is for operational, cybersecurity and procurement staff. It gives an overview of the risks and threats faced by edge devices. On the other hand, the “Security Considerations for Edge Devices” guidance details the common malicious techniques used against edge devices, offers mitigation recommendations to help organizations minimize the risk of compromise and helps edge device manufacturers to improve the built-in and default security of their products.