You cannot secure what you don’t acknowledge. Are you using the proper tools and hacking techniques to bring out the worst in your systems? If you don’t, someone else with ill-intent probably will. Making these all-too-common flaws part of an ongoing security testing process is the key. You have to look at your systems from every angle.
It is time to turn the page on this low-hanging security fruit in your environment once and for all. Make sure all of your critical systems fall within the scope of your in-depth security testing as well as any ongoing higher-level vulnerability scans and audits. Unless and until you address these problems head on, your business will continue to be at risk.
Kevin Beaver is an information security consultant, expert witness, author and professional speaker with Atlanta-based Principle Logic, LLC. With more than 23 years of experience in the industry, he specializes in performing independent security assessments revolving around minimizing information risks. He has authored/co-authored 10 books on information security including the best-selling “Hacking For Dummies” as well as the newly-released “Implementation Strategies for Fulfilling and Maintaining IT Compliance.” In addition, he’s the creator of the Security On Wheels information security audio books and blog providing security learning for IT professionals on the go. You can reach Kevin through his website www.principlelogic.com, follow him on Twitter at @kevinbeaver and connect to him on LinkedIn.