Keeping your network safe is one of the most important things you can do for your business, especially for organizations that collect customer data. Of course, there are areas that might be missed, and we will be reviewing some of these commonly missed areas. Obvious holes such as not having a firewall won’t be addressed, though of course you should certainly have a firewall.
Outdated Infrastructure
It’s easy to forget about your hardware and leave it be, running on an operating system that had been around during a previous US president’s administration simply because it seems to be working. While the application itself might be functioning, at a security level you've basically given hackers and other malicious entities the key to the city if said ancient OS is XP, and the day of reckoning isn't far off if it is Server 2003. Most attacks and exploits take advantage of older code to get into your system and steal data and cause other types of havoc. The same thing applies to the age of the actual server - older servers might simply be drawing power because their 'application' might not even be used anymore, causing more work for updates, and increasing your bill while a newer machine can function for multiple older ones by leveraging virtualization.
Unsecured Servers
Having an unsecured server holding any type of confidential data, even a server that never connects to the internet, is a horrible idea. Just because the server can’t be attacked from the web (in theory) doesn't mean that a physical attack in the real world won’t break into your data. Even if the physical threat were the only threat is reason enough to protect these machines, but if any internet-connected machines do talk to this server, then attackers can steal data through man-in-the-middle attacks and steal data while it is transmitted or downloaded from the server in question. Of course, hackers could also crack into the accessing PC/Tablet/Mobile getting the data from the server and take over that piece entirely, giving them another way to get to this defenseless server. It’s just not a good idea.
Not testing the network
Let’s say that you have done everything by the book - installed a firewall, everything is secured, and as far as you can tell everything is done. It’s time to go out, enjoy the fact that you are safe and celebrate, right? Wrong - work in the security field is never truly done. Updates come out constantly for various pieces of software, and while a network configuration was ideal when you first installed everything, something might have broken as adjustments are made over time. It’s important to constantly check your work and try to break in yourself (or hire a consultant to do it for you) to make sure that every door is locked and there is no way to get in, aside from stealing someone’s credentials and getting the key anyway. On that note…
Educate your Staff
Social engineering, phishing attacks, and all the other nasty elements of the world of malware can easily rear its ugly head among staff members who don’t know or understand that the nice prince from Nigeria trying to give them millions of dollars is really a fraud. Educate your team about these types of attacks, encourage them to use VPN access to access any files out of the office, and show them how to use encryption for sensitive data. Employees should also be encouraged to share with IT whenever they get odd emails or phone calls, or find anything on the web that could be disruptive. You can have all the walls in the world protecting your data, but if someone has the golden ticket to get inside thanks to a duped employee than none of it really matters. If you are in the IT industry and provide managed services to your clients, all of this should be communicated to the client-base as well.
Alejandro
