博客

Weak Links in Security Part 1: Configuration Is the Biggest Security Threat

Posted on March 28, 2018 by Gento

The rise in cyberattacks and ransomware thefts has caused businesses to shore up their IT infrastructure defenses. While the boost in security protocols is a step in the right direction, many businesses are unaware of a key threat -- improperly configured IT devices and systems. For example, postponing or altogether forgetting to change a default password can leave your vital business data ripe for the taking.

How at Risk Is Your Network's Configuration?
Many of today's IT systems include safeguards that must be carefully configured and enabled if your network is to remain secure. In fact, it is safe to say that a system’s security is all about configuration. Even the seemingly "most secure system" can be easily exploited due to a bad configuration. To put this into perspective, let’s examine a few key findings from the 2017 Data Breach Investigations Report (DBIR), 10th Edition, Annual Survey of Incidents and Breaches Trends.

  • 62 percent of breaches featured hacking.
  • 51 percent included the use of malware. In these cases, 66 percent of the time malware was installed via a malicious email attachment.
  • 81 percent of hacking-related breaches used either weak or stolen passwords.

The question that these statistics point to is simple -- what can we learn?

Phishing Still Works
Phishing is the gateway to many data breaches. Once the malware has been installed, credentials can be stolen and vulnerabilities can be exploited. This is why you need to install secondary defenses that will protect your vital assets and systems. So long as human error exists and phishing scams continue to fool employees, it is not a matter of "if" a malware attack occurs, but "when." As part of your secondary defenses, you must understand the attacks, know how to defend against them, and ensure that your configuration is ironclad.

5 Steps to a Strong ConfigurationCreating a strong configuration that works to secure your vital business data is made easier when you take the following factors into account.

  1. Endpoint Protection. -- To secure the endpoint you need to complete all browser and plug-in updates, use an updated anti-virus software protection, use Data Execution Prevention (DEP), and use Endpoint Threat Detection and Response (ETDR).
  1. Strong Passwords. -- In 2016, 63 percent of data breaches involved passwords. In 2017, 81 percent of hacking-related breaches used either weak or stolen passwords. The moral of this story is simple, any device with a weak or default password is a security vulnerability. To reduce these risks, you must change default passwords to ensure that they meet criteria like the following: 8 to 16 character length that includes one lower case, one upper case, one numeric, and one printable special character.
  1. Restrict Login Attempts. -- If a user has an infinite number of times to attempt to login, then their "strong password" becomes obsolete. Instead, you should track and limit the number of login attempts before the user is blocked from accessing the network. This simple step will not only alert you to potential hacking attempts but also provide key insights into why certain user accounts are being targeted.
  1. Leverage Alternative Authentication Mechanisms. -- An authentication server can be used to manage LDAP, active directory, radius, and TACACS. Additionally, two-factor authentication should be used to minimize potential vulnerabilities. RSA tokens, biometrics, certificate, and a smart card (or common access card) are all viable means of two-factor authentication.

 

The Bottom Line: Properly Configured Networks Are Key to Data Security
It doesn't matter how strong you think your IT security is if your network is improperly configured. Through endpoint protection, strong passwords, a restricted number of login attempts, alternative authentication, and limited access to critical systems, you can improve the configuration of your network.

In the second part of this series, we will explore the steps you can take to ensure that all devices, communications, logging, and vulnerability responses are properly configured to keep your vital business data safe.

  1. Restrict Network Access To Critical Systems. -- More than 50 percent of inside data theft jobs involved the misuse of administrative privileges. To combat this risk, you should monitor administrative privileged functions and immediately flag any anomalous behavior. These two simple actions can greatly mitigate the damage that could occur, should a hacker gain access to your network.

Other Blog Posts

The cascade effect of data center failure on businesses - why sensors are essential
Posted on November 5, 2023
人工智能的快速发展和使用力登PDU满足更高的电力需求
Posted on October 11, 2023
Data Center Report Fewer Outages, But Downtime Still Costly
Posted on September 20, 2023
Survey: Energy Usage and Staffing Shortages Challenge Data Centers
Posted on September 20, 2023
力登安全交换机(RSS):安全NIAP 4.0兼容式桌面型KVM
Posted on September 20, 2023

View all Blog Posts

力登官方微信公众号

力登官方微信公众号
cn-blogfollow

近期活动

New Zealand Cloud & Datacenter Convention 2022
3 November 2022, 9am – 4pm  •  Grand Millennium Hotel, Auckland, New Zealand
Data Centre World Singapore
12th – 13th Oct 2022
Korea Cloud & Datacenter Convention 2022
6th Oct 2022
Philippines Cloud & Datacenter Convention 2022
4th Aug 2022
JANOG50 Meeting Hokkaido
3th – 15th July 2022

View all Events

力登最新新闻

重振数据中心行业—罗格朗重磅推出两款革命性的智能机架式PDU!
Posted on May 1, 2023
独家专访丨惠州如何升级制造业?法资企业CEO提了个建议
Posted on December 2, 2021
力登公司推出MasterConsole®数字双显示器KVM切换器
Posted on February 18, 2021
Legrand Data, Power and Control Division Announced as Finalist in Six Categories at DCS Awards 2020
Posted on November 9, 2020
力登公司(Raritan)推出新型智慧型机架控制器(SRC),用于智能地管理数据中心和关键基础设施中的环境和安全信息
Posted on November 9, 2020

View all news