Protect Your Organization from the Risk of Default Configurations

Default Configurations

Preventing information security incidents requires applying best practice cybersecurity configurations. Applying them at the network infrastructure, system, service and application levels can even protect your organization against information security threats that do not yet exist, because doing so substantially decreases the organization’s cybersecurity attack surface. Cyber-criminals tend to look for common configuration oversights that render organizations easy prey for cyber attacks. If systems within your organization support the following configurations, the potential for an information security breach is quite high.

One common configuration error that renders organizations an easy target is deploying systems with factory default configurations enabled. When experienced hackers perform reconnaissance on potential victims, they often use search engines to identify systems within the victim organization that run default configurations. If a system runs default settings, attackers simply look up the system’s default account username and password, log in, and then use the compromised system to gain unauthorized access to other systems within the organization. Since the compromised system is usually a trusted component of the organization’s network, it is often trivial for the attackers to gain access to other, more critical systems within the organization.

Another configuration best practice that is often overlooked is granting user accounts permissions only to the resources required for the user to perform their duties within the organization. Too often, user accounts possess administrator permissions on the workstation because this configuration enables the user to install and uninstall software, apply updates, and change configurations as needed to perform their work. However, if an attacker (or malware) gains access to an account with administrator permissions, the attacker has full access to install malware and remote access services on the compromised system and can then use that system to attack other systems throughout the organization.
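One way to find workstations where accounts hold the excess administrator permissions described above, as an added example that is not part of the original article: it parses the output of `net localgroup Administrators` collected from each workstation and reports members that are not on an approved list. The host names, account names, allowlist and sample output are constructed, and English-language command output is assumed.

```python
# Added example: audit local Administrators membership against an allowlist.
# Host names, account names and the allowlist are hypothetical.

# Accounts expected to hold local administrator rights (assumption).
ALLOWED_ADMINS = {"administrator", r"corp\domain admins", r"corp\it-support"}


def _sample(*members):
    """Build constructed `net localgroup Administrators` output for the demo."""
    head = ("Alias name     Administrators\n"
            "Comment        (constructed sample)\n\nMembers\n\n" + "-" * 79 + "\n")
    return head + "\n".join(members) + "\nThe command completed successfully.\n"


SAMPLE_OUTPUT = {  # constructed data: one captured output per workstation
    "WS-001": _sample("Administrator", r"CORP\Domain Admins", r"CORP\jsmith"),
    "WS-002": _sample("Administrator", r"CORP\Domain Admins", r"CORP\IT-Support"),
    "WS-003": _sample("Administrator", r"CORP\Domain Admins", "localuser", r"CORP\mjones"),
}


def parse_members(output):
    """Return the names listed between the dashed separator and the status line."""
    members, in_list = [], False
    for line in output.splitlines():
        line = line.strip()
        if line.startswith("---"):
            in_list = True  # member names start after the separator
        elif in_list and line and not line.lower().startswith("the command completed"):
            members.append(line)
    return members


def unexpected_admins(outputs, allowed=ALLOWED_ADMINS):
    """Map each host to the administrators that are not on the allowlist."""
    findings = {}
    for host, output in sorted(outputs.items()):
        # Windows account names are case-insensitive, so compare in lower case.
        extra = [m for m in parse_members(output) if m.lower() not in allowed]
        if extra:
            findings[host] = extra
    return findings


if __name__ == "__main__":
    for host, accounts in unexpected_admins(SAMPLE_OUTPUT).items():
        print(f"{host}: review administrator rights for {', '.join(accounts)}")
```

Each reported account is a candidate for removal from the local Administrators group or for a documented exception.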

Contact us today for a security assessment of the information system configurations within your company to reduce the organization’s attack surface and risk exposure.
