Monday, June 14, 2010

Top 10 Enterprise Security Risks

Network administrators are besieged today by a growing list of security risks, and analysts warn that too often they get caught up in battling one or two vulnerabilities and remain blind to a legion of others.

Security officers have been battling worms, viruses, denial of service attacks and hackers for years now. When you add the threat of cyber-terrorism, employees using instant messengers and downloading full-length feature movies onto their work PCs, the list of risks is multiplying far faster than security budgets or staffs can keep pace.

SilentRunner has created a Top 10 list of risk factors that security administrators should guard against. Here's what has made their short list of vulnerabilities:

1. Email Attachments -- Workers opening an attachment could unleash a worm or virus onto the corporate network, and a new evolution of viruses means that they can propagate themselves even without a user double-clicking on them;
2. VPN Tunnel Vulnerabilities -- A hacker who worms his way into the VPN has free and easy access to the network;
3. Blended Attacks -- Worms and viruses are becoming more complicated, and now a single one may be able to execute itself or even attack more than one platform;
4. Diversionary Tactics -- Hackers may strike a set of servers in a target company and then, while security administrators are busy putting out that fire, slip in and attack another part of the network;
5. Downloads from Web Sites -- Workers frequently misuse their Internet access in the workplace, downloading games, movies and music and even porn. It opens the network up to attack and sucks up valuable bandwidth;
6. Supply Chain and Partners Added to the Network -- An administrator may grant access to the network for a partner company and then forget to close that access point when the job is over. The same applies to employees who are leaving the company;
7. Microsoft's SOAP -- The Simple Object Access Protocol (SOAP) doesn't have security specifications built into it, warns SilentRunner's Woolley;
8. Renaming Documents -- An employee could save business-critical information in a different file, give it a random, unrelated name and email the information to her home computer, a friend or even a corporate competitor. Monitoring software that checks emails leaving the company might fail to pick up on the outgoing message if the subject name has been changed;
9. Peer-to-Peer Applications -- In a peer-to-peer environment there is an implied trust between servers. That means if a user has access to one server, he automatically has access to another if the servers share trust. Woolley points out that hackers or rogue employees can gain access to one server and move freely throughout the network;
10. Music and Video Browsers -- These are browsers that will automatically connect the user with related web sites -- all without the user's permission. A music browser, for instance, may note that the user likes jazz and so connect the user to other jazz sites and executable applications, putting the network at risk and potentially using up huge amounts of bandwidth.
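
Item 8 describes outbound mail monitoring that keys on names and so misses a renamed file. As an added example (not from the original post or from SilentRunner), the sketch below sets a name-based check beside a content-fingerprint check; the file names, sample text, threshold and function names are all constructed for illustration.

```python
import hashlib
import re

# Constructed sample data: one protected document and two outgoing attachments.
PROTECTED = {
    "q3_pricing_plan.txt": (
        "Confidential. The third quarter pricing plan lowers the enterprise "
        "tier by twelve percent and retires the legacy support contract in October."
    ),
}
RENAMED_NAME = "holiday_recipes.txt"
RENAMED_BODY = "hi, see below!\n" + PROTECTED["q3_pricing_plan.txt"].upper()
UNRELATED_BODY = "Lunch menu for Friday: soup, salad and sandwiches in the cafeteria."


def shingles(text, k=4):
    """Hash each run of k consecutive words, ignoring case and punctuation."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    if not words:
        return set()
    grams = (" ".join(words[i:i + k]) for i in range(max(len(words) - k + 1, 1)))
    return {hashlib.sha256(g.encode()).hexdigest()[:16] for g in grams}


def name_filter(filename, protected):
    """Weak check: flags an attachment only if its file name is a protected one."""
    return filename.lower() in {name.lower() for name in protected}


def content_matches(content, protected, threshold=0.5):
    """Return protected documents mostly present in content, with the share found."""
    seen = shingles(content)
    hits = {}
    for name, text in protected.items():
        ref = shingles(text)
        score = len(ref & seen) / len(ref) if ref else 0.0
        if score >= threshold:
            hits[name] = round(score, 2)
    return hits


if __name__ == "__main__":
    print("name filter flags renamed file:", name_filter(RENAMED_NAME, PROTECTED))
    print("content check on renamed file:", content_matches(RENAMED_BODY, PROTECTED))
    print("content check on unrelated file:", content_matches(UNRELATED_BODY, PROTECTED))
```

Content inspection of this kind only works on attachments the monitor can read; an encrypted or password-protected archive has to be handled by separate policy.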
