Where computer security is involved, it's always good to understand the kinds of breaches that companies have suffered and what the actual or suspected vulnerabilities were that allowed the breaches to occur. It is in this spirit that the members of SpiderLabs, the advanced security team within Trustwave, have published their Global Security Report of 2010. The report is based on more than 200 forensic studies and almost 1,900 penetration tests conducted by SpiderLabs in 2009.
For the most part, SpiderLabs' report is fairly consistent with security breach reports published by other security consultants and investigative agencies. By this I mean that thieves tend to target high-value information such as credit card data, Social Security numbers and other information that can easily be sold in the underground economy. In SpiderLabs' investigations, point-of-sale software systems were the most frequently breached systems.
Another consistency with other security reports is the fact that many breaches can be traced to known vulnerabilities that had been left unpatched. This further emphasizes the importance of a consistent patch strategy within your organization.
I recently talked with Nicholas Percoco, senior vice president of SpiderLabs, to get his recommendations of strategic initiatives for every organization. If you follow Percoco's top 10 recommendations, you should vastly reduce your company's risk of a security breach.
1. Perform and maintain a complete asset inventory, and decommission old systems. Knowing precisely what you have is the first step to securing it. Percoco says his team's investigations frequently find devices that the customer organization doesn't even know about. In addition, the investigations often turn up old systems that have a planned decommission date. The customers often aren't concerned about keeping such systems up to date with patches because they are due to be taken off-line soon. Percoco says that in 75% of the cases, those systems slated for decommissioning are still in use a year later, unpatched and more vulnerable than ever.
2. Monitor your third-party relationships. In 81% of the cases the SpiderLabs team investigated, third-party vendors and their products were responsible for introducing vulnerabilities, mostly stemming from insecure remote access implementations and default, vendor-supplied credentials. Percoco advises that you discuss your security policies with your vendors and ensure they adhere to them.
3. Segment your network into as many zones as feasibly possible. If you've got a completely flat network, and one device on that network can see or talk to any other device, you've got a problem. A hacker gaining entry to this network has easy access to everything. Percoco tells a story about using a network connection in a hotel conference room. From there he was able to see the hotel's reservations system. Uh oh.
4. Rethink your wireless implementation. Wireless security is a fast-moving target that companies often struggle to keep up with. Percoco recommends you never place wireless access points within your corporate core network; rather, place them outside your network and treat them like any other remote access medium. Your perimeter security should help keep unwanted visitors out.
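As an added illustration of recommendation 1 (not code from SpiderLabs or the report), the sketch below reconciles a recorded asset inventory against addresses actually seen on the network and flags unknown devices, systems still active past their decommission date, and overdue patches. The host names, addresses, dates and the 90-day patch threshold are constructed assumptions.

```python
from datetime import date

# Constructed sample inventory (assumption): address -> recorded asset details.
INVENTORY = {
    "10.0.1.10": {"name": "pos-01", "decommission": None,
                  "last_patched": date(2010, 1, 15)},
    "10.0.1.20": {"name": "legacy-db", "decommission": date(2009, 3, 1),
                  "last_patched": date(2008, 11, 2)},
    "10.0.1.30": {"name": "old-fileserver", "decommission": date(2009, 6, 1),
                  "last_patched": date(2009, 1, 10)},
}

# Constructed sample of addresses seen on the wire, e.g. from a discovery
# scan or DHCP/ARP logs (assumption).
OBSERVED = {"10.0.1.10", "10.0.1.20", "10.0.1.99"}


def reconcile(inventory, observed, today, max_patch_age_days=90):
    """Return (address, finding) pairs where inventory and reality disagree."""
    findings = []
    for ip in sorted(observed):
        asset = inventory.get(ip)
        if asset is None:
            # A device nobody recorded: the case investigators keep finding.
            findings.append((ip, "unknown-device"))
            continue
        due = asset["decommission"]
        if due is not None and due < today:
            # Slated for retirement but still answering on the network.
            findings.append((ip, "past-decommission-still-active"))
        if (today - asset["last_patched"]).days > max_patch_age_days:
            findings.append((ip, "patch-overdue"))
    for ip in sorted(set(inventory) - set(observed)):
        due = inventory[ip]["decommission"]
        if due is not None and due < today:
            # Retired as planned: confirm and drop the stale record.
            findings.append((ip, "retired-remove-from-inventory"))
        else:
            # Recorded but not seen: powered off, moved, or hidden from the scan.
            findings.append((ip, "inventoried-not-seen"))
    return findings


if __name__ == "__main__":
    for ip, finding in reconcile(INVENTORY, OBSERVED, date(2010, 3, 1)):
        print(f"{ip:12} {finding}")
```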