Network vulnerability assessments
From a corporate network security perspective, the focus of threats to the company security is changing, with the implementation of strong perimeter defence solutions. These include firewalls, Intrusion Detection Systems, content filtering and two-factor authentication as increasingly more breaches are occurring from within the company.
Many companies are now finding out that their internal security is being increasingly compromised by the numerous and rapidly growing number of simple methods that enable legitimate users to create a back door into the company network. These methods, which can be downloaded from the Internet and then ran to circumvent all of the existing gateway security products, pose as great a threat as attacks from outside the corporate network.
The Gartner Group recently estimated that more than 80 per cent of breaches to a company’s security information originate from within the company. The potential damage from such threats varies from the loss of sensitive information to complete network shutdown. This is only going to get worse as more and more exploits are made readily available on the internet for anyone to download.
A Network Vulnerability Assessment can allow companies to effectively manage these threats through a validation of their existing security policy (if available), by measuring the strength of the Network Vulnerability Assessment.
Through the understanding of the threats and performing a programme of assessment of network level vulnerabilities, a company can provide evidence to regulators, customers and partners that they are effectively managing the risk that their corporate applications, services and interconnected systems pose.
It is therefore paramount for a company to consistently and proactively track and fix any vulnerabilities which are found in their network as soon as possible. When most networks are attacked, weaknesses were exploited when patches were already available or obvious misconfigurations went unnoticed. With the right kind of vulnerability management solution and processes in place, weaknesses in a network can be found, brought to attention and shored up.
What are the core threats?
Any company that utilise a network is typically exposed to at least the below general threats, these being:
- Virus infection of company desktops and servers, which may cause outages, destruction of data or disclosure of information.
- Distribution or installation of malware which can lead to company machines being used as part of a larger bot network (these are infected machines that are under control of malicious persons which are used to attack other systems)
- Loss or modification of information which leads to potential corrupted client or company databases.
- Denial of service attacks which results in the unavailability of the company network and or websites which can lead to potential loss of revenue and company reputation.
- Disclosure of sensitive information to the general public or competitors.
If any of the above threats are identified and executed, company reputation and customer confidence could be damaged beyond repair.
What vulnerabilities does a Network Vulnerability Assessment uncover?
The key security threats that are most often realised through the following vulnerabilities within the company network are:
- Default installations (including default username and passwords) of applications and operating systems.
- No security patches or service packs.
- Poor internal network design and implementation.
- Default services and ports left open and unmanaged.
- Excessive privileges assigned unnecessarily to users within an unrestricted computing environment.
- No change control procedures.
- Poor or non-existent internal monitoring and auditing policy.
- No encryption or access control of sensitive information.
Why should you perform a Network Vulnerability Assessment?
Technology doesn’t stand still; between 2010 and 2013 large corporations such as Google, Microsoft and Sony to name a few have been attacked and compromised to one degree or another. It doesn’t matter how large or small the company is, if an attacker wants in then they will exploit any weakness.
Operating Systems are complex huge pieces of software, and new vulnerabilities appear on a daily basis for both OS’s and network systems. Keeping these systems patched and up to date as well as configured in line with best practice guidelines is often a major challenge for organisations. This is especially true when developers and network administrators are often under pressure to make sure systems work within tight timescales.
This can often result in the situation where the task of securing these systems takes a secondary role. It is therefore critical to ensure that a security assessment of corporate networks and their services is carried out, both prior to their initial roll out and on a regular basis to ensure that any and all specific security threats are understood, managed and remediated.
A Network Vulnerability Assessment is best utilised alongside a corporate risk assessment policy where it can be used to assist in validating corporate security policies and strategies.
When considering whether to perform a Network Vulnerability Assessment the questions you should ask are:
- Do you have an in-house IT department, or is it managed by a third party company?
- Did a third party design and implement the network architecture?
- Do the networked systems process and store financial information?
- Do the networked systems store and process personal information that is covered by the Data Protection Act?
- Are the networked systems connected to other remote sites within your organisation?
- Do the networked systems provide connectivity to other applications or systems outside your organisation and control?
- Is there a suspicion that the network systems have been compromised?
- Do firewalls indicate an unusually high level of activity?
How will a Network Vulnerability Assessment improve your network and corporate security?
Having a routine Network Vulnerability Assessment will help improve a company by the following means:
- Ensuring that the patching and configuration of infrastructure is practiced correctly.
- Locating and identifying any potential security risks.
- Validating the effectiveness of any preventative security measures that are in place.
- Verifying that servers and workstations are configured to security best practices.
- Protecting intellectual property (IP) by reducing the risk from a real and successful attack.
- Providing evidence that regular security assessments are performed.
Why choose TeraByte IT
TeraByte IT offers a number of benefits that will help your company:
- TeraByte IT use proven methodologies that build upon recognised Industry Standard approaches such as Council of Registered Ethical Security Testers (CREST), Open Source Security Testing Methodology (OSSTM) and Open web Application Security Project (OWASP).
- TeraByte IT security consultants are at least Certified Ethical Hackers based upon a foundation of IT knowledge that span decades.
- TeraByte IT not only concentrate upon the security aspect of testing, but also have knowledge and experience in day-to-day running and administration of large networks, which can aid in troubleshooting or configuration of specific issues.
- TeraByte IT work towards providing quality work and ensure that the solutions and reports provided to clients are second to none.