主页 » 博客 » Weak Links in Security Part 1: Configuration Is the Biggest Security Threat
Posted on March 28, 2018 by Gento
The rise in cyberattacks and ransomware thefts has caused businesses to shore up their IT infrastructure defenses. While the boost in security protocols is a step in the right direction, many businesses are unaware of a key threat -- improperly configured IT devices and systems. For example, postponing or altogether forgetting to change a default password can leave your vital business data ripe for the taking.
How at Risk Is Your Network's Configuration?
Many of today's IT systems include safeguards that must be carefully configured and enabled if your network is to remain secure. In fact, it is safe to say that a system’s security is all about configuration. Even the seemingly "most secure system" can be easily exploited due to a bad configuration. To put this into perspective, let’s examine a few key findings from the 2017 Data Breach Investigations Report (DBIR), 10th Edition, Annual Survey of Incidents and Breaches Trends.
The question that these statistics point to is simple -- what can we learn?
Phishing Still Works
Phishing is the gateway to many data breaches. Once the malware has been installed, credentials can be stolen and vulnerabilities can be exploited. This is why you need to install secondary defenses that will protect your vital assets and systems. So long as human error exists and phishing scams continue to fool employees, it is not a matter of "if" a malware attack occurs, but "when." As part of your secondary defenses, you must understand the attacks, know how to defend against them, and ensure that your configuration is ironclad.
5 Steps to a Strong ConfigurationCreating a strong configuration that works to secure your vital business data is made easier when you take the following factors into account.
The Bottom Line: Properly Configured Networks Are Key to Data Security
It doesn't matter how strong you think your IT security is if your network is improperly configured. Through endpoint protection, strong passwords, a restricted number of login attempts, alternative authentication, and limited access to critical systems, you can improve the configuration of your network.
In the second part of this series, we will explore the steps you can take to ensure that all devices, communications, logging, and vulnerability responses are properly configured to keep your vital business data safe.