Should I be worried about security vulnerabilities?
If your business maintains information on computer systems, you should be concerned about computer security vulnerabilities at some level. Your concerns will be much different if you have thousands of computer systems vs even one or two computers.
Where would I find security vulnerabilities?
Many businesses have not discussed security related issues or implemented security related policies. When you consider your security vulnerabilities, you may want to consider the following "layers" of vulnerabilities.
Your Internet Connection(s) link you to millions of other people. Unfortunately, not all of these people are friendly. If you have not implemented reasonable security at this or other "network perimeters" (such as connections to vendors or customers), you may be very vulnerable to an attack.
Security measures can include firewalls, network address translation (NAT), network antivirus, SPAM filtering and more.
You may be vulnerable to an attack if unauthorized users can connect to your corporate network. Some networks are so large that it can become difficult to prevent unauthorized users from "plugging in" or connecting to your network. Wireless networks are especially vulnerable if not properly secured because the attacker does not necessarily need to gain physical access to your building to connect to your network.
Security measures can include wireless encryption, maintaining an inventory of physical connections, and more.
Each computer system on your network can pose a security threat regardless of whether it is a network server or an end user workstation. If someone is able to access or gain control of one of your computer systems, it becomes much more difficult to detect them if they choose to further explore your network. Also, keep in mind that your employees do not always need access to all systems on your network.
Security measures include maintaining the latest Operating System patches, current antivirus software, auditing user passwords, and more.
It is not uncommon for many users to access a single computer system, whether that be a file server, mail server, etc. If the information on these systems is not properly secured, it could be accessed by an unauthorized user. For example, someone in Sales may be able to access private employee records in HR.
Security measures include maintaining accurate and precise access control levels on all files and folders, maintaining audit logs of suspicious user activity, and more.
What can I do to prevent security vulnerabilities?
Risk Assessment / Risk Analysis
You must start by understanding your current security vulnerabilities. Datility Networks can perform a network security audit and provide you with a risk assessment as brief or as detailed as you would like.
Contact us if you would like more information regarding our security auditing or if you would like to have us perform a security audit for your business.
If you do not perform actions to maintain your desired level of security, you may find that your network has become vulnerable to attacks. Datility Networks can perform tasks such as installing software updates on a regular basis or monitoring your data backups to be sure they are being run regularly and without error. We can also provide more aggresive services that monitor your network and system logs for evidence of an attack.
There are many steps you can take to manage your risks. Contact us if you would like more information regarding methods of Risk Management or our Risk Management services.