Vulnerabilities in IT infrastructure are something all companies need to be aware of, and working on constantly, this is Part I, return to us in January 2016 for Part II.
Following recent high profile IT and data security failures, how much risk is your IT infrastructure placing on your business?
[easy-tweet tweet=”Join CTC and @zsahLTD in analysing how #IT Infrastructure could be harming your business” user=”comparethecloud” usehashtags=”no”]
Over recent months, there have been a number of high profile and very well publicised security issues resulting in a loss of customer data. These include the hacking of Sony’s systems, the Ashley Madison dating site in the US, Marks and Spencer, Apple, and most recently, Talk Talk in the UK. All of these demonstrate the potential risks and resulting damage to business from breaches in IT security. The impact of such a breach of security can last for many years, with massive reputational damage and loss of customer confidence not only in the company’s systems, but also in the brand itself. There is typically also a significant short term business impact. In the case of Talk Talk, some reports claim that up to one third of all customers have terminated or are looking to end their contracts in the immediate aftermath of the problems.
In this article, we discuss the causes of security failures and outline the key lessons to be carried into any business environment to reduce the risks to your business, including any specific considerations for the use of Cloud Services.
What are the main causes of recent security failures and how can businesses, big and small, protect themselves in what appears to be an increasingly insecure world?
Firstly, we need to consider that there are actually three distinct, but related, elements – overall security (including processes and physical security); hacking (i.e. attempts to breach the IT systems’ security); and privacy of data held within your IT systems.
overall security; hacking; and privacy of data held within your IT systems
To the non-expert eye, it is commonly considered that the primary risk comes from external hackers and that protection is achieved mainly through the use of security measures such as firewalls and virus protection software. Indeed, the majority of hacks and attempted infiltration involve Denial of Service (DoS) attacks to bring down a company’s IT services. A Distributed Denial of Service (DDoS) was the first part of the attack to gain access to Talk Talk’s customer data – and it is critical that all companies maintain up to date virus protection measures.
[easy-tweet tweet=”Agents looking to infiltrate your #IT infrastructure can still often find ways to get past security software” user=”zsahLTD” usehashtags=”no”]
However, even with up to date security software, agents looking to infiltrate your IT infrastructure can still often find ways to get past this layer of security. One of the most common tactics employed by hackers is through an “exploit” – a piece of software that manages to get past the security layer, but in doing so, opens up a channel through which more malicious software can be deployed. These are typically prevented by a process of notification (when detected) followed by the issue of a new security patch provided by vendors. The problem though is in the delay involved in getting new security patches implemented in the market – one day in the world of IT Infrastructure is like one year in normal business cycles.
It is therefore critical that all businesses keep all aspects of the IT infrastructure up to date. For many businesses, the use of externally provided Cloud Services can significantly de-risk this part of the IT delivery – avoiding what might be a reliance on a potentially small internally IT department, removing this work from them and allowing them to focus on more strategic objectives. However, outsourcing the IT infrastructure does not outsource the problem and we will talk later in this article about additional considerations for companies who choose to go down this route.
Firewalls are a key part of the defence against external hacking and will, properly implemented, provide a barrier to potential “exploit” packages. However, given the constant re-invention of attacks from external agents, the time to implement patches means that the risks can never be completely eliminated. Many firewall manufacturers are now starting to implement “auto-patch” versions of their products – but don’t be misled into thinking that this solves the problem. Many patches and software revisions will require a re-start, with knock-on effects for the rest of your systems and availability to your staff and customers.
[easy-tweet tweet=”The best practice in the implementation of firewalls is to employ a dual-layer #firewall” user=”zsahLTD” hashtags=”infosec”]
The best practice in the implementation of firewalls is to employ a “dual-layer” firewall. This will significantly reduce the risks of breach, as an exploit package that manages to open up a channel through the first firewall layer will hopefully not be successful at the next layer.
So, if we assume that we cannot 100% guarantee against a malicious attack getting through the security systems, what should companies be doing to protect their, and their customers’ data?
Check back with us in January to read Part II, which includes our recommendations for securing your data.