6 enterprise security holes to note

Here are six security vulnerabilities that are often expanded, even companies that are proud of their security precautions.

TipsMake.com - The famous Titanic ship could not be wrecked, a proof of technical expertise has shown this and the fact that this luxury ship is unlikely to collide with a giant iceberg. giant

In the modern business world, there is also a similar perception of the inability to be attacked. Yes, for large organizations that have had many years of operation without any risk, there are many stories surrounding dangerous intrusion, Wi-Fi-related issues and The problem occurs when actions aimed at Bluetooth are used to steal company secrets.

Here are six security vulnerabilities that are often expanded, even companies that are proud of their security precautions. We checked with security consultants to find a way to deal with these vulnerabilities, before your business ship could crash into the ice wall.

1. Smart phone has unauthorized access to Wi-Fi network

Smartphones have created one of the biggest dangers to enterprise security, largely because they are so popular and because some employees can't help but use personal devices at work - even if their superiors have perfectly established measures to prevent them from using these devices.

Security expert Robert Hansen, CEO of Internet security consulting firm SecTheory, said: ' The danger is that mobile phones are' home 'of three devices - Bluetooth, Wi-Fi and GSM. Employees who use these personal smartphones at work may become a 'referral' link for attacks '.

If you use a smartphone device that can expand the wireless network, according to Hansen: ' Someone at a certain parking spot can use the Bluethooth' sniper 'device to read Bluetooth within a distance. One mile, connect to a smartphone and finally connect to a business ' wireless network . Bluetooth is an open port that allows hackers to access Wi-Fi networks and access corporate networks.

6 enterprise security holes to note Picture 16 enterprise security holes to note Picture 1
Hackers hiding at some point can use the device
'sniper' Bluetooth, to be able to read Bluetooth from distance
One mile and unauthorized connection to a business wireless network

Hansen said that the rules simply prohibit the use of smartphones in the workplace is not effective enough - employees will become more eager to be able to use their devices at work, even if they are banned. Instead, technology staff should allow some moderated devices to access the corporate network. And this access will be based on MAC addresses, which are the unique codes assigned to some devices - making them easier to track.

Another method is to use network access control to know who is connecting and who is accessing it illegally. In an ideal world, companies should also separate guest access to Wi-Fi networks from an important corporate network, even if two wireless LANs are just a waste, as well as management work will increase.

Another way: Give the company's automatic smartphone approval on a number of phone platforms, such as Google's Android, and thereby prevent employees from using unsupported devices. By encouraging employees to use approved phone devices, technology workers can focus on preventing security for a set of devices, instead of "struggling" to face it. lots of brands and platforms.

2. The ports are open on a printer network

The printer is another seemingly harmless device capable of being attacked, even though most companies forget this danger. The printer has been connected to a Wi-Fi network in the last few years and even has access to a 3G network or phone connection for faxes. Some models have blocked access to some ports on the printer, but, as Hansen says, if there are 200 ports for a large company's printer to be blocked, there will also be another 1000 ports expanded. Hackers can break into the enterprise network through these ports. Another evil trick is that they can steal all the printed documents as a way to steal important business information.

Jay Valentine, a security expert, said: ' One of the reasons you haven't heard about it is because there is no effective way to stop them .'

The best way to face this problem is to turn off the selection of wireless networks on printers. If this is not possible, technology personnel should make sure all ports are blocked for any unauthorized access. In addition, it is also important to use security management tools to monitor and report on open print ports. One tool that can be used is Active Monitor of ActiveXperts Software.

3. Web applications are developed with bad code

Because security experts of businesses live in concerns about the vulnerabilities created by reckless programming habits. This can happen with software developed at will, along with commercial software and open source software. Hansen said that a commonly used trick is to take advantage of xp_cmdshell on a server, which an experienced programmer or system administrator can leave a big hole for attacks. Hackers can gain full access to the database, providing access to data along with a quick exit.

Hansen further revealed that PHP Routine code on a website could also be exploited to attack. Small code errors, such as incompatible security when calling files from an application, provide a way for hackers to add their malicious code. This can happen when a programmer does not restrict carefully what kind of file can be called based on the user input pattern, or a company's blog page using Trackback feature to be able to report on the The link returns to their posts, without the "cleaning" of saved URLs to prevent illegal database queries.

The only way to solve this problem is to avoid some software, such as PHP scripts, blog add-ons and other suspicious code. In case of need to use these software, users should also use security monitoring tools to help detect vulnerabilities, even in small PHP scripts.


4. Phishing on online websites

Facebook and Twitter users may be tricked into revealing important information. Usually, these types of attacks are very few and do not need to pay much attention.

6 enterprise security holes to note Picture 26 enterprise security holes to note Picture 2

Hansen said: ' People who are looking for a job are willing to disclose information (personal). He also added information about one of his clients when he told how hackers could use a fake email address from a job search site to pretend to be an employer . has refused to disclose more details to protect customers in his example, but that's an example in the way he calls the "mistaken person" scenario, where someone can assert employers to from a certain company and are contacting the candidate, and the candidate who is looking for this job is the company's recruiter and they also do not ask for any valid information. that this is the same as when we get an envelope - because it has a return address on it, it does not mean that The content inside is actually derived from the sender listed on the envelope.

Companies should use the email confirmation system, which helps confirm the identity of the sender. These assertions will send an email back to the original address to confirm the sender's certificate. Some places, such as the state of Texas in the US, impersonating someone by email is considered illegal

5. Employees download illegal movies and music

P2P networks - peer networks - have not disappeared. In a large company, it is not unusual to find an employee who uses a peer-to-peer network to download illegal products or install their own server to distribute software.

Winn Schwartau, CEO of the Security Awareness Company said: ' Peer networks should be completely blocked in businesses. P2P ports should be completely closed and ideally still at the end points of the company. P2P software can be blocked by using black / white lists and filters on businesses ' servers .

Schwartau told a story about financial services firm in New York. The company has a P2P gateway that operates all day, even on days off. In the end, it was discovered and found a corrupt file on the server. Schwartau calls this a 'hacked crime', meaning that thieves often start illicit activities, so one of their 'favorite' destinations is a P2P server or any one. Other 'potential' security vulnerabilities.

Schwartau added: ' The infection of malicious files into P2P files is not difficult at all and can create a bridgehead within an organization, based on code design '. He also suggested a technique called 'source isolation', capable of controlling which user applications are allowed to access based on special rights. Different operating systems will work in different ways, but it is worth pursuing a situation that a company's policy is lacking in terms or no one follows its terms.

Schwartau encourages technology companies to conduct regular scans of all corporate networks as well as servers in search of signs of P2P network activity as well as being cautious about blocking these actions.

6. Phishing SMS and malicious code infection

Another way that hackers can use to attack: send a message to a smartphone. Hackers can use SMS to communicate with employees in the company in order to trick important information such as the right to log on to the network and other intellectual assets of the business. Not only that, they also have the ability to use messages to install malware on their employees' phones.

Schwartau said: ' In our day-to-day work, we have shown how a rootkit can turn on a microphone of a phone that users don't know. An attacker can send hidden messages to infected phones, make the phone have to make a call and turn on the microphone '. This can be an effective plan if, for example, the owner of this hacked phone is in a meeting and the attacker intends to listen.

Schwartau further revealed that there are many ways to filter SMS activities, but it is done on the side of the wireless network provider, because SMS does not have an IP address so the company's technology managers can't control them. The best option to prevent these attacks is to work with network operators to make sure they are still using malware blocking software, filtering SMS and redirecting these attacks.

And again, create smartphone terms of use that encourage or require employees to implement company-approved phone terms or use and services that are in service. permission can reduce the risk of attack.

Of course, companies can't stop all security attacks with current technologies and hackers are constantly innovating with more sophisticated tricks. Therefore, you should try to immediately close these 6 security holes to make sure they are always closed. However, you should also pay attention to new forms of malicious code operations.

5 ★ | 1 Vote