Top 7 Security Threats to Your Business, Network, and Information

Top 7 Security Threats to Your Business, Network, and Information

1. Email Attachments -- Workers opening an attachment could unleash a worm or virus onto the corporate network, and a new evolution of viruses means that they can propagate themselves even without a user double-clicking on them. You can avoid most problems by setting your Virus Scanner and Spy-Ware Scanner to update late Tuesday evening/early Wednesday morning (when patches are released nationwide). This ensures you have the latest definitions and are protected.

2. VPN Tunnel Vulnerabilities or Firewalls -- A hacker who worms his way into the VPN or firewall has free and easy access to the network and all of its computers and information. Be sure to have these addressed by your network administrator.

3. Downloads from Web Sites -- Workers frequently misuse their Internet access in the workplace, downloading games, movies and music and even pornography. It opens the network up to attack and sucks up valuable bandwidth by decreasing productivity and traffic flow. A quick fix is to allow your network administrator to restrict either the websites that CAN be downloaded from, or restrict the download themselves in the work environments.

4. Peer-to-Peer Applications -- In a peer-to-peer environment there is an implied trust between servers. That means if a user has access to one server, he automatically has access to another if the servers share trust. I like to point out that hackers or rogue employees can gain access to one server and move freely throughout the network. This is important when considering their permissions and levels of security on your network.

5. Music and Video Browsers -- These are browsers that automatically will connect the user with related web sites -- all without the user's permission. A music browser, for instance, may note that the user likes jazz so will connect the user to other jazz sites and executable applications, putting the network at risk and potentially using up huge amounts of bandwidth. Again, restriction of the music or video browser’s functionality will decrease your risk significantly.

6. Wireless Networks – Users, hackers and criminals can gain access to company and personal information at their discretion, copy files and sell or distribute them from the safety of their home or car next to your home or office. Have your wireless network secured with MAC address filtering if possible, as this is the MOST secure and hardest for hackers to imitate. You may also want to use WEP or WPA encryption with a password for access, and lastly you can “hide” the signal broadcast that your wireless network broadcasts by choosing not to broadcast your SSID.

7. SPAM and/or Phishing Email – This is cleverly disguised and directed to appear as if a legitimate source has sent this email to you soliciting personal information or verifying your personal information on behalf of a known vendor such as EBay, PayPal or Amazon.com. One dead giveaway is that it will ask you to click into a website to “verify” your information. Another give away can be that it does not address you by name. Rather that is will say something like “We’ve noticed that your account has had recent activity…” So in essence they may appear to be trying to “help” you.

Chris Hammond, A+, Net+, MCSA