The vast majority of cyberattacks happen to small and midsize businesses, and 60% of them fold within 6 months of an attack, according to Inc. Magazine. With cyberattacks on the rise, network security is the number one issue on IT executives' minds. We started a 3-part blog series discussing the main types of network vulnerabilities: Hardware, Software, and Humans. In part 1, we covered the first type of network vulnerability, hardware, including its different categories and how each can be subject to vulnerabilities. Now we move to part 2: vulnerabilities of network software. As before, we will address what makes software vulnerable, how it can be breached, how to prevent a breach, and what to do if one occurs.
Outdated or unmanaged applications, in-house written applications, systems with plug-ins or add-ons, and poorly configured apps are all prime targets for hackers.
With remote work trending, IT Managers need to be aware of all software that is downloaded. This can be tricky with employees working from the comfort of their homes. Vulnerabilities increase when remote employees don't install software updates, which often provide security patches. If an application has not been updated, or has not been fully removed, it's highly vulnerable to a breach. For example, if a Content Management System needs to be removed, make sure all plug-ins and add-ons are also deleted. Developers need to pay special attention to security controls when they code in-house applications, because fixing a breach may not be fast or easy.
Lastly, when software is configured, IT personnel need to be thorough. By default, software ships with preset account names, passwords, and security protocols. These need to be renamed and customized for the organization. If not, the software is an easy target.
As with hardware breaches, a software breach might be difficult to detect at first. Not everyone uses every application every day. Luckily, systems today are getting more sophisticated: if an app is breached and, for example, a password is changed or a log-in comes from a new location, the user will be notified.
It's important to stay vigilant. Obviously, if money is missing, a ransomware request has been made, an out-of-the-ordinary social media invite has been received or sent, unwanted browser toolbars are present, and/or a password isn't working, then unfortunately the software has been hacked.
IT personnel should perform frequent network scans and software updates. Network vulnerability scans can detect outdated or buggy software. Software updates help with security, but again, only for software that is known to the IT department. Remote workers should not download anything onto their computers without first informing their IT department. It's impossible to protect what is not known! As mentioned above, in-house developers need to code applications with strict security measures, and all default software configurations need to be changed during installation.
Unfortunately, it's not a matter of if, but when. At the point a breach is recognized, it's important to take swift action to mitigate the threat. Below are the steps to take to recover from a data breach in the network:
With the number of applications and systems that businesses use, keeping it all secure and maintaining digital trust is a big task. It's important to note that the main defense you can take is to have a vulnerability program in place and to patch often. Similar to how network hardware is tracked, it's also vital to have a Software Inventory document. Having a living document that shows every app and system the business uses, who has access to it, how old it is, etc., leaves little room for security vulnerabilities.
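As an added illustration (not part of the original post or any Net3 tooling), the sketch below audits a Software Inventory kept as CSV for the weak spots named above: stale patches, unchanged defaults, unowned software, and plug-ins left behind by a removed application. The column names, the 90-day patch window, and the sample rows are assumptions constructed for this example.

```python
import csv
import io
from datetime import date

# Constructed sample inventory; the column names are assumptions for this example.
SAMPLE_INVENTORY = """name,owner,last_updated,defaults_changed,status,plugins
Payroll App,finance-it,2024-05-20,yes,active,
Old CMS,web-team,2022-11-02,yes,removed,gallery;seo-tool
VPN Client,,2024-04-30,yes,active,
In-house CRM,dev-team,2023-01-15,no,active,export-addon
"""

MAX_PATCH_AGE_DAYS = 90  # assumed patch window; set to match your own policy


def audit_inventory(csv_text, today, max_age_days=MAX_PATCH_AGE_DAYS):
    """Return {app name: [findings]} for entries that need attention."""
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        issues = []
        plugins = [p for p in row["plugins"].split(";") if p]
        if row["status"].strip().lower() == "removed":
            # A removed application should leave no plug-ins or add-ons behind.
            if plugins:
                issues.append("removed but plug-ins remain: " + ", ".join(plugins))
        else:
            try:
                age = (today - date.fromisoformat(row["last_updated"].strip())).days
            except ValueError:
                age = None
            if age is None:
                issues.append("no valid last-update date recorded")
            elif age > max_age_days:
                issues.append(f"not updated for {age} days")
            if row["defaults_changed"].strip().lower() != "yes":
                issues.append("default accounts/passwords/settings not changed")
            if not row["owner"].strip():
                issues.append("no owner on record (unmanaged)")
        if issues:
            findings[row["name"]] = issues
    return findings


if __name__ == "__main__":
    for app, issues in audit_inventory(SAMPLE_INVENTORY, date(2024, 6, 1)).items():
        print(f"{app}: " + "; ".join(issues))
```

Running a check like this on a schedule keeps the inventory a living document: any application that appears in the findings is a candidate for patching, reconfiguration, or full removal.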
If you need help getting started with a vulnerability program, download this Network Security eBook as a free resource which includes an asset inventory template. If you wish to speak with an engineer for further assistance, contact us at sales@n3t.com and we'd be happy to connect you with one of our certified Net3 Sales Engineers or Request More Info.