5 Leading causes of computer security breaches and what can be done to defend your corporate networks
by Bevil Wooding
Security breaches involving computer networks have been making headlines with frightening regularity. Yet despite several high-profile stories about network hacks, distributed denial-of-service (DDoS) attacks and data theft, many businesses remain unprepared or improperly protected from today’s security threats.
Growing Threat
Each new technology seems to be escorted by a new security threat and no organization is immune. In fact, even though small- to midsized businesses (SMBs) don't have the luxury of dedicated information security teams and resources that larger enterprises can afford, they still face many of the same threats.
The harsh reality is that network security threats are becoming increasingly sophisticated as computer hackers become better funded and better organized. This presents a real challenge for IT professionals and network administrators. A recent Trustwave State of Risk Report, which surveyed IT professionals about security weaknesses, found that a majority of businesses had no or only partial systems in place for controlling and tracking sensitive data.
Defending Corporate Networks
So, what can companies do to better protect themselves and their customers’ sensitive data from security threats?
The experts at the Caribbean Network Operators Group, CaribNOG, have been looking at the issue of network security and specifically at the threats to Caribbean networks. Following are five of the most common sources, or causes, of security breaches and what businesses can, and should, do to protect against them.
Risk 1: Internal Vulnerabilities
“Internal attacks are one of the biggest threats facing corporate data and systems,” states Stephen Lee, CEO of ArkiTechs Inc., an IT services firm specializing in IT security audits. “Disgruntled or disaffected employees, especially IT officers with knowledge of and access to corporate networks and administrative accounts, can cause major damage, measured in dollars, lost trust and a tarnished brand,” Lee says.
Solution: Companies should implement both the protocols and the infrastructure to track, log and record privileged account activity. This can allow for a quick response to malicious activity and mitigate potential damage early in the attack cycle. The foundation for this is the input from business and technology managers to ensure that these security controls are adequate relative to risk and business priorities. IT departments, as well, must constantly evaluate internal security measures and policies to identify any shortcomings that may be exposing the company to risk.
Risk 2: Mobile Devices
According to a BT study, mobile security breaches have affected more than two-thirds (68 percent) of global organizations in the last 12 months.
“More employees are using their mobile devices to access corporate systems, like email, file servers and virtual private networks. Loss, theft or even hacking of these devices via malware or other Trojan software can present a significant threat to corporate networks,” says Steve Spence, Managing Director at Data Shield, a Trinidad-based network security firm.
Solution: Make sure you have a carefully spelled out mobile security policy. With a mobile device policy and a Bring-Your-Own-Device (BYOD) policy in place, employees can be better sensitized about device expectations and organizations can better monitor email, documents and other digital assets that are being downloaded to company or employee-owned devices. Effective monitoring provides companies with greater visibility into mobile data-loss risks, and enables them to quickly address exposures if mobile devices are lost, stolen or compromised.
Risk 3: Unpatched Devices
“Network devices, such as routers, servers and printers, employ software or firmware in their operation. Too often, updates and security patches are not implemented in a timely manner,” says Robin Ryan, Network Administrator at Teleios Systems. “This can leave security holes in your network that can be exploited by attackers to gain access to your data or control of critical processes.”
Solution: Institute a patch management program to ensure that devices, and software, are kept up to date at all times. More importantly, enforce a policy whereby, if a certain piece of equipment is not or cannot be updated or patched within a certain amount of time, it is taken offline.
Risk 4: Cloud Applications
“As cloud computing becomes more ubiquitous in the business setting, corporate decision makers and IT professionals must take deliberate steps to become more sensitive to the real risks of cloud computing security,” according to Brent McIntosh, Network Specialist Data at Cable and Wireless and a peering coordinator at the Grenada Internet Exchange Point.
There are several cloud-related risks organizations are exposed to, including data loss, data leakage and account hijacking. The prospect of seeing your organization’s valuable data disappear into the ether is real. Cloud computing also creates the real possibility that an attacker gains access to administrative credentials, which they can use to eavesdrop on activities and transactions, pilfer intellectual property, manipulate data or even redirect your users to illegitimate sites.
Solution: It is imperative that organizations identify precisely where the greatest cloud-related threats lie, and take decisive steps to mitigate them. One of the best defenses against a cloud-based threat is to use strong encryption to prevent unauthorized third parties from accessing the data in the cloud.
Risk 5: Careless or Uninformed Users
“An absent-minded worker who forgets his unlocked smartphone in a restaurant is as dangerous as a disgruntled user who maliciously leaks corporate information or sabotages computer systems,” says Clair Craig, Enterprise Applications Support Manager at the University of the West Indies. “Employees who are not trained in or constantly sensitized to security best practices pose an enormous security threat to their employers’ systems and data,” Craig added.
Using weak passwords, visiting unauthorized websites, clicking on links in suspicious emails or opening malicious email attachments are some of the common actions of careless or uninformed users.
Solution: “Training, education and supporting policy are key to sensitizing employees on cyber security best practices and changing default behavior. Some employees simply may not know how to protect themselves online, which can put your business at risk,” Craig explained.
Regular training sessions can go a long way to helping employees learn how to serve as the main line of defense against corporate threats. Basic actions like managing strong passwords and avoiding hacks like phishing and email-related scams help keep corporate networks secure. Organizations should also provide ongoing support to make sure employees have the resources they need.
Bevil Wooding is a founding member of the Caribbean Network Operators Group, CaribNOG (www.caribnog.org), a volunteer-based group of Caribbean IT professionals, security specialists and network administrators. He is also an Internet Strategist with Packet Clearing House (www.pch.net), an international research and capacity building non-profit organization. Follow on Twitter: @bevilwooding