With data breaches of all varieties constantly in the news these days, it’s hard to miss the fact that the threat of a network security breach has never been more immediate, and the consequences have never been more serious. The sheer amount of personal data stored on networks—from financial records to healthcare information to personal emails—means that, more than ever, networks are targets for those with nefarious intentions.
Hackers are always working on new ways to subvert technological solutions and outsmart trained employees, taking advantage of end-user error and lack of awareness in order to gain access to and exploit private information. But the security industry works to stay one step ahead. In keeping with that, the time is now to make yourself aware of the following potential network vulnerabilities. Data breaches are too costly for customers, both in financial terms and in terms of reputation, for you to wait.
USB Drives Carrying Malicious Software
Once upon a time, back when floppy disks were the main method by which data were shared, inserting a disk into a drive would automatically trigger a scan for a virus on a PC or Mac—this was standard operating procedure. As we have moved toward shared data, cloud-based tools, and other methods that depend on networked communications, one could argue that we’ve lost sight of how easy it is to introduce malware to a system through an external physical source.
Introducing an external repository of stored data to a machine is an easy way to subvert security protocols geared toward networks rather than individual machines. Last year’s announcement of BadUSB—a theoretical USB exploit that could lead to the automatic infection of computers—and the proliferation of worms capable of exploiting a computer’s AutoRun feature have shown that USBs can unfortunately carry the same risk as virus-infected disks of the past.
Smartphones and Other Less Obvious Storage Devices
In today’s workplace, almost every person walking in and out of an office is carrying a data storage device, and few of them are completely aware of it. People bring their smartphones to work and plug them directly into their work computer’s USB port in order to charge them, never thinking that a smartphone has a hard drive—one that is as prone to being infected with malware as any other. The most innocent mobile device from the most unsuspecting user can be ground zero for an infection that proliferates across an entire network.
Weak Internal Security That is Prone to Exploits
While hardware coming in and out of a business poses certain big risks, there are other scenarios that require no such direct physical access to internal systems. These are the cases in which a network features some weakness that makes it easy for a hacker to gain access to the system.
There are different types of weaknesses that an enterprise’s internal network can suffer from, such as:
- Easily guessed or cracked passwords on critical systems
- Security patches, OS updates, and software updates and upgrades that go uninstalled, leaving systems open to known vulnerabilities
- Phishing schemes that convince users to give up passwords, click on malicious links that infect systems, or otherwise unknowingly compromise networks
What Can a Business Do?
The way to close off these network vulnerabilities is with a combination of good technology and good policies. Having good anti-malware tools installed on each system and having sensible, strongly enforced policies governing how external devices are used within the office environment can limit the chances of malware jumping from a USB or a smartphone onto a computer and running rampant on a network. Having a knowledgeable IT staff that carries out server maintenance can prevent patches from going uninstalled and leaving networks vulnerable. Having high-quality email server management and usage policies can prevent an office from falling victim to phishing attacks.
For value-added resellers, providing the best security software available is a must, and providing the necessary education and support to go with it is an incredibly valuable add-on to provide to an enterprise of any size.
What have you done to prepare clients for network vulnerabilities?