Recent news is confirming the extent to which 0-Day type security breaches and their associated protocols are naturally peaking interest. As critical as they are on a technical level, these vulnerabilities only represent around 4% of the security incidents counted over the last ten years. The main responses have, then, only really been centered on a relatively low proportion of attacks.
In these times marked by the discovery of the Spectre and Meltdown breaches, the point of this reminder is clearly not to minimise the importance of these potential huge-scale threats, but rather to remind us every day that the risk is getting bigger, above all for the clearly less sophisticated vulnerable areas of cyber security. We give you the rundown of the top five areas requiring the most attention.
It’s nothing new, but unfortunately, it’s still very much a reality: one study has revealed that 96% of users entrust their session or access to a “default password”, without taking basic security warnings into account. Amongst the most frequent errors are passwords identical to the username, the same password being used across all online services or using a simple word such as a first name. In IT news, from time to time we see the reports on database intrusions due to the use of a default password on the administrator account…
2- File sharing
From file sharing to printing, the increase in protocols and endpoints often ends up diluting the access and restrictions policy that was set up when the network was built. One problem: what happens when a harmful third party connects to a FTP where the permission hasn’t been properly managed? From data theft to the pure and simple deletion of information, the consequences can be heavy.
Databases – high-value banks of information for companies – are, ultimately, the chosen target for hackers in need of data that could be exchanged or sold on. Protecting this data, then, assumes a particular level of strictness, above all when some columns list user login details that could open the floodgates to other areas of the system.
4- Abandoned servers
Studies confirm that a good number of companies no longer keep an accurate inventory of their IT stock. So, some machines, either forgotten or replaced, are abandoned and removed from the company’s list of resources. From the still-connected test-server to the laptop lost during a move (even though its hard-disk wasn’t erased), these forgotten computers offer so many opportunities for confidential information to let slip. When a discarded device is still connected to the network, it also acts as a stepping stone for anyone who might want to gain access further into the company.
5- Managing access permission
Is isolation the answer for better protection? The need-to-know is quite rightly one of the golden rules of security, whether in defense or in IT. By increasing groups and permissions, companies run the risk of no longer controlling as accurately as possible the list of authorised users able to access certain pieces of sensitive information. A precise permissions management plan should be established to best guarantee data security without penalising the company’s daily operations.
And so, what might be the link between all these different vulnerabilities? Every last one of them leads us back to a single, common denominator: the user!
Derniers articles parMarion Godrix (voir tous)
- Cybersecurity: machine learning to be the main focus in 2018 - 26 January 2018
- Cybersecurity: Five vulnerabilities you shouldn’t ignore - 25 January 2018
- [INFOGRAPHIC] Data security: 99% of employees ignore good practice - 24 January 2018