As a marketing graduate from long ago (1992 – longer than I care to remember) I can recall the fuss made over the concept of the 4P’s – namely Product, Price, Promotion and Place – in contributing to a successful ‘marketing mix’ to attack a target market. Well today I read an article which struck a cord with me. That is, the 3P’s of IT Security – Patches, Passwords and Policies – or as I call it the ‘IT security mix’ to guard against attacks to IT networks.
A recent study in the US has shown that whilst many companies need to consider and deploy a Next Generation Firewall device to protect their networks, many organisations are not even getting the ‘IT basics’ right prior to a security appliance being deployed and are simply not applying an appropriate ‘IT security mix’.
What do I mean?
In summary, the study showed there is a systematic inability for organisations to patch security vulnerabilities in a timely manner (Patches), combined with guessable passwords (Passwords) and the spread of automated hacking tools, which can make it simple for both amateur and professional ‘bad actors’ to break into corporate networks and explore them unhindered (Policies).
Patches
The research conducted by a specialist penetration testing team found that in 71% of cases (20 out of 28 pen tested organisations), its team was able to infiltrate their target network using relatively basic tools and tricks available to the average hacker, ‘script kiddies’ and ‘newbies’ i.e. trainee/inexperienced hackers. Basically, the penetration testing team found that many known bugs in web apps for which patches were available, had not been applied. In 77% of the cases such web app vulnerabilities and configuration flaws allowed a company’s network defences to be breached in as little as 30 minutes! What is more shocking is that 60% of these know bugs or ‘web applications holes’ were deemed critical for patching and should have been patched as soon as possible. Plus 11% could be deemed high-risk vulnerabilities, which should ideally be addressed urgently.
Passwords
The research showed the second most common method of break-in to a network was weak login credentials. The penetration testing team found the use of brute forcing passwords for database management and remote access software worked pretty well. In fact, brute forcing is relatively easy to block, but it is regularly forgotten by network admins. When you also factor in the move to Two Factor Authentication – a feature provided free with Microsoft 365 – there is really no excuse for the continued use of simple passwords.
Policies
The research revealed that once an attacker (the penetration team) had gained an initial foothold it did not take them long to command full internal network access. In fact, in 68% per cent of the trials the ‘bad actor’ needed to only take one or two steps to have the entire organisation at their fingertips. Network compartmentalisation and access controls, limiting who can see what would have undoubtedly minimised the intruders’ reach.
So what can be done?
It’s simple really; talk to Core Team One and deploy an ‘IT security mix’ of the 3P’s – Patches, Passwords and Policies.
Core Team One’s RMM system can actively monitor the need for Patches and manage their implementation at a convenient time to avoid unnecessary disruption and keep the network current so as to avoid security vulnerabilities. In addition, Core Team One can help your organisation deploy rigorous 2FA and MFA (Two-Factor Authentication and Multi-Factor Authentication) methods to remove the total reliance on easily cracked Passwords. And finally, Core Team One can help to configure your network and put in place Policies to prevent the attacker getting any further than the front door using Group Policies, Security Protocols and Next Generation Firewalls (like Fortinet).
Remember – Patches, Passwords and Policies!
Interested? Then get in touch today for free impartial advice on 0113 532 9800 or email richard@coreteamone.com
