How Hackers Choose Their Targets
According to Security Boulevard, the #1 security vulnerability identified by IT managers is unpatched systems.
Hackers target vulnerable systems. There it is. That is the big secret, which likely isn’t as shocking as you anticipated. Why do hackers target vulnerable systems? This too is rather simple. They don’t want to have to “work” at hacking the system; they want users to leave the door open for them. And oftentimes users do.
Leaving third-party applications and operating systems outdated leaves endpoints and servers, as well as all the data on them, vulnerable to attack.
It is imperative for users to update all devices in a timely manner. This will often take longer for larger businesses, as proper testing should be completed to ensure the update will not negatively impact the functionality of existing software or devices. That being said, the testing process should begin as soon as updates are available, so updates can be installed as quickly as possible. Note also that major software companies, such as Microsoft, have recurring update release dates. IT professionals can therefore schedule their testing around these predetermined dates.
Automate Updates?
Users at a smaller scale, whether home users or a smaller business, may automate application and operating system updates to take the legwork out of manually launching the update. This feature is great for those who want to set it and forget it. However, users must remember to reboot their PCs every day. When updates are installed, they often are not finalized until the device is rebooted. Users may therefore think they’re protected with the latest updates when, in reality, the updates haven’t finished installing because no reboot has been initiated.
Rebooting is just as important for those who update manually. If it isn’t getting done, the update is NOT complete.
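One way to check for this on a Windows PC, as an added example that is not part of the original article: the function below (Test-PendingReboot is a name chosen for this example) reads the registry markers Windows sets when a restart is still outstanding and reports how long the machine has been up. It assumes Windows with PowerShell 5.1 or later and only reads state.

```powershell
# Added example: report whether installed updates are still waiting on a restart.
# Read-only: it inspects registry markers and the last boot time, nothing else.

function Test-PendingReboot {
    $reasons = @()

    # Set by Component Based Servicing when servicing work needs a restart.
    if (Test-Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending') {
        $reasons += 'Component Based Servicing'
    }

    # Set by Windows Update after installing updates that need a restart.
    if (Test-Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired') {
        $reasons += 'Windows Update'
    }

    # Files queued for replacement at next boot (used by many installers, not only updates).
    $sm = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager' `
                           -Name 'PendingFileRenameOperations' -ErrorAction SilentlyContinue
    if ($sm -and $sm.PendingFileRenameOperations) {
        $reasons += 'Pending file rename operations'
    }

    # Time since last boot, to spot machines that are never restarted.
    $os = Get-CimInstance -ClassName Win32_OperatingSystem
    $uptimeHours = [math]::Round(((Get-Date) - $os.LastBootUpTime).TotalHours, 1)

    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        RebootPending = ($reasons.Count -gt 0)
        Reasons       = $reasons -join '; '
        LastBoot      = $os.LastBootUpTime
        UptimeHours   = $uptimeHours
    }
}

$status = Test-PendingReboot
$status | Format-List
if ($status.RebootPending) {
    Write-Warning "Updates are installed but not finalized: restart required ($($status.Reasons))."
}
```

A pending file rename alone can come from an ordinary installer, so treat the first two markers as the stronger signal that an update is waiting on a reboot.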
Other Forms of Vulnerability
Although unpatched systems were the primary security threat identified by IT managers, other vulnerabilities should be addressed as well. Additional factors to evaluate include multi-factor authentication, IoT devices, BYOD policies, and password strength.
Multi-Factor Authentication and Password Strength
First and foremost, no one should be able to access your network with one basic password. Employers should employ a multi-layer authentication feature for access to their networks. As a component of that, proper password regulations should be in place. This includes requiring passwords to be changed every 30-45 days, requiring specific characters and numbers, and offering a password vault for employees to track their passwords so that they are not written down or kept in a Word or Excel document.
IoT and BYOD
The Internet of Things (IoT) has taken over the world. We’re more connected now than ever, whether it is our smartwatches notifying us of texts or calls, or checking emails through our phones. We often bring these devices with us to work and connect them to company networks. This creates a major problem. If these devices are infected with malware of any kind (viruses, ransomware, spyware, etc.), this malware can now spread throughout the company networks. Also, the likelihood of these IoT devices having any form of security solution installed is minimal at best. They often do not come with any form of antivirus installed, and some devices are not compatible with security solutions at all.
Therefore, having a solidified Bring Your Own Device (BYOD) policy is important. Employees should know what is allowed and expected, and what is not. The policy should include three major things. First, it must state which devices are permitted to connect to the company’s networks. Second, the company needs to mandate that a security solution be installed on all devices permitted to connect to company networks. Lastly, it must include disciplinary measures if the policy is not adhered to.