With out-of-bound traffic segregation and end-to-end encrypted tunnel, Cisco Meraki Dashboard is a very secure interface with which to manage and monitor your network. In addition to these powerful tools Meraki has provided network administrators and system owners with additional powerful tools to secure their Cloud Dashboard, even in the event of someone obtaining their user name and password. Four of these new tools include:
1. Enable Two-Factor Authentication
Two-factor authentication limits an attacker’s ability to access your sensitive Dashboard configurations by requiring that any administrative logins be accompanied with a randomly-generated code that is sent solely to the administrator’s phone.
In this way even if someone discovers your username and password, they are unable to access any of your data. A simple and cost-effective method to increasing security, two-factor authentication is compatible with every Cloud-enabled Meraki device, and is already included in the device cost for all enterprise customers.
2. Utilize Effective User Management
Often it is advantageous for a business owner to give others access to their Meraki dashboard, such as the network or system administrators who configure, monitor, and upgrade the network infrastructure. Administrators are able to force adherence to strict password policy rules for all users, including password rotation, as well as additional security features such as failed login account lockout, and even limiting the IP addresses which can access the Dashboard.
By following the principle of “least privilege” an administrator can ensure a subordinate has only the access they require, without permissions to more sensitive or important functions or features of the Dashboard. This user management is performed using predefined or custom security roles, where every aspect of their access is defined and controlled.
3. Verify Logs and SSL Certificates
Administrative users with full access can view all actions taken by users in the Cloud Dashboard, including user name, time, approximate geographical location, and device the change was made from. By regularly auditing these easy-to-follow logs you can be sure no unnecessary or extraneous changes are being made without your knowledge, let alone hostile or malicious ones.
All communication between a client and the Meraki Cloud Dashboard is available through SSL-encrypted HTTPS only. By verifying that the certificate used to protect your data has not changed, you can rest assured that your communication with the Dashboard is going straight to your Meraki account and isn’t being hijacked by damaging man-in-the-middle attacks.
4. Enable Idle Timeouts
One of the most-exploited avenues to gain administrative account access to secure websites are administrators who never log out of their accounts. The Meraki Dashboard makes it easy to guard against this vulnerability by making setting idle timeouts a snap. If a user accessing your Cloud Dashboard has not been active for a period of time set by you, they will be automatically logged out, protecting their session against hijacking.
To make sure no user is inadvertently disconnected, a window will appear on-screen thirty seconds before they are automatically logged off, giving the user an opportunity to remain logged in and working, particularly useful if they were in the middle of looking up documentation.
Security is Key
Meraki has taken the security of their users to heart, and every advantage is given to network administrators and business owners seeking to manage their network in a protected environment. Interested in how the security settings within the Meraki Cloud Dashboard can help you stay safe against online and internal threats? Call Team One Solutions today at 1-866-832-6663 for more information!
IT Professionals Receive a Free AP
Want to learn more about Cisco Meraki and the opportunity to receive a free Meraki access point? Sign up for our free webinar, that includes a live demo of the Meraki Dashboard and how it works.
* To be eligible for a free access point, participants must be an IT professional. Existing Meraki customers are not eligible. Limit of one free AP per company. For more details, click here.