
7 Security Flaws Your Business Can’t Ignore


In an age where internet security is needed (e.g., Ashley Madison), how can your company be better aware of security flaws?

It seems like every few months we’re hearing about a massive hack on a major company.  Think Target in 2014, Sony, and this past summer, Ashley Madison.  Forget your personal views on Ashley Madison; the most important lesson we learn from this hack is about security, not fidelity.  37 million users’ personal information leaked, and the company will likely never recover from the financial burden. The Internet simply wasn’t built for security, and it takes much more cunning and vigilance to thwart today’s sophisticated hackers.  As we move forward, security becomes ever more important, and a differentiator among companies. No matter what your line of work or who your customers are, these 7 security flaws cannot be ignored.

“Life’s Short, Fix Your Security Flaws”.  

Lack of Security Policies

First things first: make sure you have a plan. You need to know which parts of your business are vulnerable, and which need your attention, before you can properly secure them. It’s best to connect with a security professional and to complete an audit of your entire IT infrastructure. Make sure your security audit encompasses any and all platforms: computers, network, mobile, and cloud. Security measures will differ across platforms, so give each the special attention it deserves!

When it comes to security policy with your team, don’t just ask your employees to work securely; implement clear, easy-to-follow policies to make sure that employees are maintaining a secure working environment. Mandate that all computers be connected to the corporate network and be equipped with security software, and never give security info over the phone.  Educate employees on their role in preventing data breaches.  A huge portion of security flaws are the result of human error, and established policies help your entire staff be more security aware.  

Auditing security and policy regularly isn’t an easy task, but documenting and tracking changes ensures that information in your networks is kept secure.

Buffer Overflow

Buffer overflows are a longstanding security flaw in systems, starting with the 1988 Morris worm and continuing into the modern day as an amateurish error. This May, a security firm found that the Linux kernel driver NetUSB contained the same error, which is readily exploitable by hackers. Computer programs work on pieces of data that are read from a file, the network, or the keyboard, and they set aside compartmentalized pieces of memory, called buffers, to store that data while they work on it. Programs sometimes write more to, or read more from, a buffer than it holds, creating a buffer overflow that hackers can take advantage of.

The problem of buffer overflow is related to native code and tied to the way memory is handled. One way to avoid buffer overflows is to develop in languages where reads from and writes to buffers are validated and so never overflow. Many languages (compiled languages such as Rust, safe runtime environments such as Java and .NET, and scripting languages such as Python and JavaScript) are not prone to this problem. A major perpetrator of buffer overflows is C. Plenty of legacy C code still exists, and even the ‘safe language’ C# can depend on third-party libraries written in C. Some people hold tightly to C in the belief that C and C++ compile to faster executables. Keep this in mind if you’re still using C; you may want to weigh the benefits against security priorities.
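The write-past-the-end and read-past-the-end cases described above, as an added C example that is not from the original article: a copy routine that validates a sender-supplied length against both the destination buffer and the bytes actually received. The wire format (one length byte followed by the name), `NAME_CAP` and `copy_name` are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_CAP 16   /* destination size, including the NUL terminator */

enum { COPY_OK = 0, COPY_SHORT_INPUT = -1, COPY_TOO_LONG = -2 };

/* Constructed wire format (an assumption for this example):
 * one length byte, followed by that many bytes of name.
 *
 * Unsafe pattern, shown for contrast only; it trusts the sender's length:
 *     memcpy(dst, msg + 1, msg[0]);
 * With NAME_CAP == 16 a length byte of 200 writes past dst, and a short
 * message makes it read past msg. */

/* Hardened copy: check the declared length against both buffers first. */
int copy_name(char dst[NAME_CAP], const uint8_t *msg, size_t msg_len)
{
    if (msg == NULL || msg_len < 1)
        return COPY_SHORT_INPUT;
    size_t declared = msg[0];
    if (declared > msg_len - 1)      /* would read past the received bytes */
        return COPY_SHORT_INPUT;
    if (declared > NAME_CAP - 1)     /* would write past dst */
        return COPY_TOO_LONG;
    memcpy(dst, msg + 1, declared);
    dst[declared] = '\0';
    return COPY_OK;
}

int main(void)
{
    /* Constructed sample messages. */
    const uint8_t ok[]    = {5, 'a', 'l', 'i', 'c', 'e'};
    const uint8_t lying[] = {200, 'x', 'y'};   /* claims 200, carries 2 */
    uint8_t big[41] = {40};                     /* 40 bytes > NAME_CAP - 1 */
    char name[NAME_CAP] = "";

    printf("ok:    %d (%s)\n", copy_name(name, ok, sizeof ok), name);
    printf("lying: %d\n", copy_name(name, lying, sizeof lying));
    printf("big:   %d\n", copy_name(name, big, sizeof big));
    return 0;
}
```

On rejection the destination buffer is left untouched, so a caller can log the failure and drop the message.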


Data leaks

It’s easy to get in the mindset of writing off “back end” portions as internal only and secure from Internet-based threats. In this line of thinking, a lot of companies fail to encrypt back end data. You are surely mistaken if you think this information is not vulnerable through the internet. Why? Databases have a networking interface too, and hackers can exploit this traffic without much difficulty. You can avoid this by making use of SSL or TLS encrypted communication platforms.

While key management systems are meant to keep keys safe, it’s commonplace to store encryption keys on company disk drives under the assumption they will be needed in case of database failure. This is dangerous, as unprotected keys leave systems vulnerable to attack. Tie encryption keys to admin logins and to your hardware, and store keys on a different server. It’s important to layer your approach to key management, making keys difficult to access for some, and backed up in safe places in case of a breach.

Lock Down the Network

Only about 4% of hacks can be traced to employees, but it’s important to understand that the risk is there and potentially much more detrimental when it comes from someone with privileged information. Lock down your network from both internal and external threats by preventing data upload to file sharing websites and email, and by monitoring security-sensitive data. A good first line of defense against breaches is a web and email security gateway, which will inspect inbound traffic for spam/malware and can also monitor outbound traffic. This internal defense system works as a relay, or proxy, for web and email traffic from employees. There are also some good network-based DLP products to measure internal social media use, messaging, and file sharing.

At the network level, you can also employ a behavioral anomaly detection system, which monitors baseline network activity and sends alerts when activity deviates from the norm.  If an individual computer touches many more computers/servers or transfers more info per day than usual, a red flag is sent to the administrator.  
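A baseline check of the kind described above, as an added example that is not from the original article or any particular product: each host's day is compared with its own history, and a flag is raised when outbound volume or the number of distinct hosts contacted is far above normal. The 7-day sample data, the threshold of 3 standard deviations, the minimum deviation of 1.0 and the names `check_host` and `above_baseline` are all assumptions.

```c
#include <stddef.h>
#include <stdio.h>

#define ALERT_VOLUME 1u   /* outbound volume above baseline */
#define ALERT_PEERS  2u   /* distinct hosts contacted above baseline */

/* Returns 1 when today exceeds mean + k standard deviations of hist.
 * Squared values are compared so no sqrt() (libm) is needed; min_sd keeps a
 * perfectly flat history from alerting on a tiny increase. */
static int above_baseline(const double *hist, size_t n, double today,
                          double k, double min_sd)
{
    if (n < 2)
        return 0;                          /* too little history to judge */
    double mean = 0.0, var = 0.0;
    for (size_t i = 0; i < n; i++)
        mean += hist[i];
    mean /= (double)n;
    for (size_t i = 0; i < n; i++)
        var += (hist[i] - mean) * (hist[i] - mean);
    var /= (double)(n - 1);                /* sample variance */
    if (var < min_sd * min_sd)
        var = min_sd * min_sd;
    double d = today - mean;
    return d > 0.0 && d * d > k * k * var; /* only unusually high days alert */
}

/* Checks one host's day against its own history; returns ALERT_* flags. */
unsigned check_host(const double *mb_hist, const double *peer_hist, size_t n,
                    double mb_today, double peers_today)
{
    unsigned flags = 0;
    if (above_baseline(mb_hist, n, mb_today, 3.0, 1.0))
        flags |= ALERT_VOLUME;
    if (above_baseline(peer_hist, n, peers_today, 3.0, 1.0))
        flags |= ALERT_PEERS;
    return flags;
}

int main(void)
{
    /* Constructed 7-day baseline for one workstation (MB out, peers). */
    const double mb[]    = {120, 135, 110, 128, 140, 125, 131};
    const double peers[] = {8, 9, 7, 8, 10, 9, 8};
    printf("normal day:   %u\n", check_host(mb, peers, 7, 150, 11));
    printf("bulk upload:  %u\n", check_host(mb, peers, 7, 900, 9));
    printf("wide fan-out: %u\n", check_host(mb, peers, 7, 130, 60));
    return 0;
}
```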

Database Feature Abuse

Misuse of standard database features is a security flaw that most may not even be aware of, but that has been linked to every major exploit in the last few years. A simple but unnecessary tool can grant legitimate credentials to a hacker, giving them access to run arbitrary code once they’re in. Even the simplest of flaws puts a database at risk of being taken advantage of or bypassed entirely. Follow the database books and you’ll at least shrink the surface area for hackers to learn and launch attacks.

Deployment Issues

The most common cause of database vulnerabilities is improper attention at the moment of deployment. Of course, it’s normal to test a database at deployment to make sure it’s working properly. The problem is that not many check a database for things it should not be doing. Establishing a security protocol at deployment is incredibly important to establishing and maintaining database security.


Database Backups

Database backups are a key part of your strategy, helping you survive anything from a flood to an accidental file deletion. They may also be a lifesaver in the case of cyber blackmail. You’ll definitely want a backup on hand if some hacker criminal is threatening to delete your data. Naturally, companies are on the lookout for external hackers, but be equally wary of those inside the corporation. The best practice to protect against internal AND external threats is to encrypt archives and consider storing them in a secure, remote location away from the primary business location.

Today, data rules, and safeguarding financial information, intellectual property, and your company’s security reputation is a critical part of your business strategy. It’s no easy task: with the speed of technology evolution, it’s difficult to stay one step ahead of hackers. Don’t waste time wondering whether an attack is motivated by revenge or financial/information gain; prepare for anything by addressing security flaws ahead of time.