There’s no doubt you know your network better than anyone else. The real question is, do you know whether you’ve checked for all relevant security flaws on all of your critical systems? Odds are you haven’t, but that’s okay to an extent. No one has that kind of time or expertise while also completing the other work necessary to keep the shop running.
In the interest of making some headway in this area and keeping your network security risks to a minimum, here are some things you want to make sure you’re looking for:
- Physical security systems (e.g. IP cameras, door access control systems, and parking lot gates), especially their telnet and web interfaces, which are usually running default settings and wide open to attack.
- Guest wireless, especially weaknesses involving web content filtering and network segmentation that might allow guests access onto the corporate network.
- Full disk encryption usage on laptops and other physically unsecured workstations and servers (it’s rarely on all of the systems that need it).
- Phone and tablet usage, information storage, and protective measures such as passwords, encryption, backups, and remote wipe capabilities.
- Third-party software patches, namely for Java and the various Adobe products (something that requires authenticated scanning for proper testing).
- Network shares that anyone who is authenticated to the Windows domain can access and, specifically, personally identifiable information (PII) and intellectual property that’s stored on them, unprotected.
- Printers and copiers with web interfaces and job management features enabled that should not be accessible to everyone on the network.
- Anonymous FTP servers that house sensitive information, often intellectual property such as source code, and that are wide open to internal users and sometimes even the Internet as a whole.
- Voice over IP systems – at least test for flaws on a cross-section of phones and the call manager server.
- Hot Ethernet jacks that anyone can plug into and do what they want on the network (and never be detected).
- Firewalls, especially your rulebases. Similar to performing a source code analysis on a web application, an in-depth firewall rulebase analysis can provide a ton of insight that you’d otherwise never have.
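
One way to start the rulebase analysis from the last item, as an added example that is not from the original article: it walks a constructed, first-match-wins rule list and flags any-any allows, cleartext telnet/FTP allows, and rules that an earlier rule already covers. The rule tuple format, rule names, and addresses are assumptions made for illustration.

```python
import ipaddress

# Constructed sample rulebase, evaluated top-down (first match wins).
# Fields: name, action, source CIDR, destination CIDR, dest port (None = any).
RULES = [
    ("guest-to-web", "allow", "10.50.0.0/24", "0.0.0.0/0", 443),
    ("cam-mgmt", "allow", "10.0.0.0/8", "10.20.5.0/24", 23),
    ("legacy-ftp", "allow", "0.0.0.0/0", "10.30.1.10/32", 21),
    ("temp-any-any", "allow", "0.0.0.0/0", "0.0.0.0/0", None),
    ("block-guest", "deny", "10.50.0.0/24", "10.0.0.0/8", None),
]

CLEARTEXT_PORTS = {21: "FTP", 23: "telnet"}
net = ipaddress.ip_network


def covers(earlier, later):
    """True if every packet matching `later` also matches `earlier`."""
    _, _, e_src, e_dst, e_port = earlier
    _, _, l_src, l_dst, l_port = later
    return (net(l_src).subnet_of(net(e_src))
            and net(l_dst).subnet_of(net(e_dst))
            and (e_port is None or e_port == l_port))


def audit(rules):
    """Return (rule name, finding) pairs in rulebase order."""
    findings = []
    for i, rule in enumerate(rules):
        name, action, src, dst, port = rule
        if action == "allow":
            wide = net(src).prefixlen == 0 and net(dst).prefixlen == 0
            if wide and port is None:
                findings.append((name, "any-any allow"))
            elif port in CLEARTEXT_PORTS:
                findings.append((name, f"allows cleartext {CLEARTEXT_PORTS[port]}"))
        # A rule fully covered by an earlier one never fires. If the actions
        # differ, the intended policy is silently overridden (shadowed).
        for prior in rules[:i]:
            if covers(prior, rule):
                kind = "shadowed" if prior[1] != action else "redundant"
                findings.append((name, f"{kind} by {prior[0]}"))
                break
    return findings


if __name__ == "__main__":
    for name, finding in audit(RULES):
        print(f"{name}: {finding}")
```

In the sample, the deny rule meant to keep guest wireless off the corporate network is reported as shadowed because a leftover any-any allow sits above it, which is the kind of finding a port scan alone would not explain.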
I’m not advocating ferreting out every single flaw on every single system on your network. You might be able to accomplish that at some point, but at what cost to the business? You need to be smart with your focus and look where it counts. This includes not only production systems but also your development, QA, and staging network hosts – especially when they house production test data (and I’ve found that most do).
Put your criminal hacker hat on
Pretend you have a fresh start and view your network with an unbiased set of eyes. Literally walk in off the street and ask yourself:
- What’s obvious?
- What’s most easily accessible?
- Which systems and business processes, when combined together, can lead to ill-gotten gains?
- What, if exploited, could be most detrimental to our business?
You’ll likely be surprised by what you uncover. Don’t be afraid to find out what’s lurking in the unexplored areas of your network. Instead, be proud knowing that you’re seeking out and are hopefully the first to find key business risks that may have gone overlooked otherwise.