2013 was a year full of well publicized data-breaches. In August, Virginia Polytechnic Institute and State University exposed information on more than 100,000 job applicants because “someone on our staff goofed” according to the university. In July, an unauthorized employee of New York State’s Office of the Medicaid Inspector General accessed nearly 18,000 records of Medicaid recipients, forcing the organization to examine its data access settings. In May, Washington state’s Administrative Office of the Courts reported a breach in its servers that exposed up to 160,000 Social Security numbers and one million drivers’ license numbers.
These breaches prove that sometimes, the greatest threat comes from within. Additionally, hackers have become more sophisticated and have become skilled at getting into IT environments. As a result, the perimeter of the network is no longer the only concern; it is the endpoints and applications that are putting IT organizations on high alert.
As plans are being made for 2014 regarding both budgets and staffing, there are some critical risks that IT security teams should identify to get ahead of potential attacks. The first, critical step toward protection is to know which endpoints exist on your network. With that visibility, start 2014 off the right way with the confidence of knowing what’s happening on each of those endpoints. This slideshow features five things to look for to improve security and compliance, as identified by Dan Ross, Promisec CEO.
Click through for five things to look for to improve security and compliance, as identified by Dan Ross, Promisec CEO.
Is your antivirus up to date and activated?
IT security teams should know, at a glance, whether their endpoints are updated with the latest version of their antivirus software. Hackers can take advantage of an entire network simply by deactivating the antivirus software on one singular endpoint. Is it possible to know if and when this software is out of date or disabled across all endpoints? Yes, but if you don’t, this should be a top priority leading into the new year.
Are patch levels up to date?
Use the start of the new year to get a fresh start with patching. Many endpoints in an organization are not up to date with the latest hot fixes or service packs, presenting an opportunity for hackers to wreak havoc. Adopting the mantra “you’re only as good as your last update” in 2014 may help reduce these risks.
Are P2P, hacking tools or remote controls running?
Every IT security team should make a New Year’s resolution to stop ignoring the presence of P2P tools such as Limewire or Transmission, hacking tools such as keyloggers, and user-defined remote controls such as GoToMyPC. These technologies make endpoints vulnerable to exploitation and are likely not in line with company compliance standards.
Are your compliance standards up to date?
Endpoint management and maintenance is critical to an organization’s overall compliance. If an organization does not have a standard of compliance regarding patch levels or software updates, 2014 is a chance to define these parameters. Taking these steps will make it easier to demonstrate compliance ahead of forthcoming PCI or HIPAA audits in the new year.
Have you reviewed local admin privileges?
As evidenced by major attacks in the past year, sometimes the greatest threat to an organization comes from within. Ensure your open share settings aren’t putting sensitive data at risk by establishing visibility into who can access what information and from what endpoints. A common example of this situation occurs in health care organizations. With multiple doctors and nurses accessing multiple workstations, it’s possible to accidentally leave critical information unsecured. However, it’s also an enormous liability as bad as leaving a file cabinet of sensitive patient data unlocked in the lobby of the building.
These threats, and more, can be discovered through a free endpoint inspection tool, setting your organization up for a safe and secure new year.