As you work with your customers to harden their security and defend their critical systems and sensitive data from hacks, attacks, and other outside intrusions, you'll have to look beyond individual systems and vendor support status. Certain types of vulnerability affect every type of system and can cause disaster if left unaddressed. The next time you assess a customer's network security, look for the following vulnerabilities.
1. Out-of-support hardware and software
The big server news this summer was the end of Microsoft support for Windows Server 2003, which enterprises have been using all over the world for over a decade. The end of a commercial product's lifecycle can leave it open to attack no matter how well the product itself still functions, as cybercriminals and other black hat hackers continue to look for vulnerabilities in products for which the manufacturers no longer issue patches. IT buyers may shy away from large-scale hardware or software migrations if they remain satisfied with the functionality of the end-of-life product, but saving money now can cost a fortune later should the unsupported systems be breached.
2. Lax access controls
The Target data breach of 2013 offered a number of cybersecurity lessons for those willing to listen. One of the most important lessons was this: organizations must lock down access to their critical, internal network resources. The Target hackers infiltrated the corporation's systems through network credentials issued to a third-party HVAC contractor, after all. Do too many outsiders (or even too many insiders) have access to your customers' network? When you assess your customers' security, make sure to inventory exactly who has received network credentials and find ways to cut those numbers.
3. Inadequate monitoring
There is, of course, another lesson to be learned from the major data breaches of the past few years: human responsiveness to security alerts is absolutely essential to detecting and limiting the damage that can be caused by a network compromise. The failure of the SOC teams at various large data-breach victims to respond in a timely manner to automatically generated security alerts allowed those breaches to spiral out of control, resulting in far greater impact to both brands and their bottom lines than would have occurred otherwise. Not all of your customers have the manpower to maintain an acceptable level of monitoring at all times. Resellers that can offer managed services in the security monitoring department can improve both their customers' security and their own revenues.
The common denominator behind these network vulnerabilities is, of course, the human factor. Human error, to be exact. As your customers' trusted security advisor, you can help them avoid the disastrous consequences of those errors.
Are you ready to provide your customers with expert network vulnerability assessments and penetration testing? If not, your distributor has the resources to help. Speak to an Ingram Micro Networking and Security specialist today to learn more.