The top 10 Internet security scr*w ups!

December 2003 Information Security, Fire & Safety, News & Events

With over 10 years' experience defending against Internet security threats, Tom Salkield, managing director of NetConnect, has seen it all. NetConnect, part of Netstore plc, is one of the founders of the UK Internet security industry, and Tom has dealt with just about every end-user mistake, error and c*ck-up that you could imagine. He readily admits that the practical world of business is a distant cry from his early experiences of information security when studying at Royal Holloway College, recognised to be one of the leading colleges in the field of IT security. Here we have asked him to list his current top 10 Internet security scr*w-ups! So here they are, in reverse order:

10) Failing to archive firewall log files. Firewalls are often correctly configured with full logging enabled. This tends to generate massive amounts of data, but often they are referred to only when there is a problem. However, left untended they can become a problem in their own right. Before you know it you have 10 GB of data and a shortage of disk space. Complete system failure soon follows and often the system has to be rebuilt from scratch.

9) Not knowing where your passwords are documented. Nothing makes supporting customers more of a challenge than if they cannot remember where their passwords are documented. That is, of course, if they had correctly and securely documented them at all. Often passwords remain in the heads of administrators, and are simply shared by word of mouth. You might as well write them on a poster and display them on an office wall.

8) Not scanning e-mails for viruses. Without question, e-mail borne viruses are today the biggest Internet security threat. Fortunately most businesses and large networks have e-mail virus scanning - either deployed in-house or using one of the growing number of managed services. Unfortunately some businesses, typically SMEs, still do not see the need, thinking that it is sufficient to deploy workstation virus products. Why let the viruses through the front door in the first place?

7) Not blocking instant messaging on your firewall. With Microsoft now in a big push to get people using their IM technology we are beginning to see IM clients freely deployed in businesses, mainly by users. Without proper auditing and control, IM simply opens up a porthole that can be used by the unscrupulous to disseminate viruses and worms. If you have not thought through the challenges of allowing IM onto your network, the simplest thing to do is to block it at the firewall.

6) Depending on users to patch their own workstations. Let us face it; users are terrible at following instructions. We all know how difficult Microsoft makes it for administrators to keep their products properly patched. There are tools to make life easier, although it has to be said that some seem to make the task of patching more difficult. Hopefully one day MS will crack the problem, but until then, depending on users to patch reliably and regularly is a strategy destined for disaster.

5) Not having an incident response plan. All networking and security professionals know that even with the best planning in the world, something will still go wrong. It simply is not possible, with today's complex environments, to be 100% secure. As luck would have it, the first major problem will come while you are on holiday up some remote hillside in Tuscany. Have an incident response plan, even a very simple one; at least it is a start. What are you going to do when a problem arises, who are you going to call for help and why-oh-why did you not print it off rather than leave it stored on a fileserver which no-one can now log into?

4) Failing to disable accounts for departed employees. You would not believe how frequently HR fails to tell IT that an employee has left the business. They might, if you are lucky, remember to ask them for their mobile phone, but hey, why not let us leave all their remote access in place!

3) Failing to configure any security on a wireless access point. We all know wireless is here to stay. But if you are going to broadcast all your company's data to all and sundry, perhaps it is a good idea to enable the basic security features that come standard with the product. It may not be the greatest, and it may be inconvenient, but it sure beats having to explain to the boss why he was able to connect to the network from the car park on his new wireless PDA, just purchased at Dixons.

2) Not keeping your firewall patched. This is pretty much tantamount to paying for an expensive lock on your front door at home and then leaving the keys in the lock - on the outside! And of course if you are going to patch the firewall software, do not forget to patch the underlying operating system if there is one.

1) Not securing home PCs with their own firewall, VPN and virus detection. It was difficult to decide what should be top of the list, but this won out. With broadband and laptops becoming widely deployed, users are accessing corporate resources from outside your logical boundary. If these machines are not properly secured, then neither is your network!

For more information contact Tom Salkield, managing director, NetConnect.

NetConnect is exhibiting at Infosecurity Europe 2004 which is Europe's number one IT Security Exhibition. The event brings together professionals interested in IT security from around the globe with suppliers of security hardware, software and consultancy services. Now in its 9th year, the show features Europe's most comprehensive FREE education programme, and over 200 exhibitors at the Grand Hall at Olympia from 27 to 29 April 2004. www.infosec.co.uk.





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Cybersecurity a challenge in digitalising OT
Kaspersky Information Security Industrial (Industry)
According to a study by Kaspersky and VDC Research on securing operational technology environments, the primary risks are inadequate security measures, insufficient resources allocated to OT cybersecurity, challenges surrounding regulatory compliance, and the complexities of IT/OT integration.

Read more...
Cybersecurity in South Africa
Information Security
According to the Allianz Risk Barometer 2025, cyber incidents, including ransomware attacks, data breaches and IT outages, are now the top global business risk, marking their fourth year at the top.

Read more...
Are AI agents a game-changer?
Information Security
While AI-powered chatbots have been around for a while, AI agents go beyond simple assistants, functioning as self-learning digital operatives that plan, execute, and adapt in real time. These advancements do not just enhance cybercriminal tactics, they may fundamentally change the battlefield.

Read more...
Disaster recovery vs cyber recovery
Information Security
Disaster recovery centres on restoring IT operations following events like natural disasters, hardware failures or accidents, while cyber recovery is specifically tailored to address intentional cyberthreats such as ransomware and data breaches.

Read more...
Igniting standards, powering protection
Securex South Africa News & Events Fire & Safety
Fire safety is more than compliance, it is a critical commitment to protecting lives, assets, and infrastructure. At Firexpo 2025, taking place from 3 to 5 June at Gallagher Convention Centre, that commitment takes centre stage.

Read more...
Back-up securely and restore in seconds
Betatrac Telematic Solutions Editor's Choice Information Security Infrastructure
Betatrac has a solution that enables companies to back-up up to 8 TB of data onto a device and restore it in 30 seconds in an emergency, called Rapid Access Data Recovery (RADR).

Read more...
The rise of AI-powered cybercrime and defence
Information Security News & Events AI & Data Analytics
Check Point Software Technologies launched its inaugural AI Security Report, offering an in-depth exploration of how cybercriminals are weaponising artificial intelligence (AI), alongside strategic insights defenders need to stay ahead.

Read more...
The deepfake crisis is here and now
Information Security Training & Education
Deepfakes are a growing cybersecurity threat that blur the line between reality and fiction. These AI-generated synthetic media have evolved from technological curiosities to sophisticated weapons of digital deception, costing companies upwards of $600 000 each.

Read more...
What does Agentic AI mean for cybersecurity?
Information Security AI & Data Analytics
AI agents will change how we work by scheduling meetings on our behalf and even managing supply chain items. However, without adequate protection, they become soft targets for criminals.

Read more...