IT security is in a constant battle between open access and security. Firewalls, hardened routers and password protected wi-fi make the networks we rely on for daily communications safer, but they are by no means completely secure. Here are 3 common network vulnerabilities to watch for. We’ll also discuss some of the options for addressing these vulnerabilities.
Thumb drives seem ubiquitous. They are easy ways to transfer very large files that you may not be allowed to email to someone and let you carry information into a company network without waiting for the bandwidth. Their low price means they’re even given out for free at many trade shows. And their banality means we often pop an unlabeled thumb drive in our computers to see who it belongs to, giving the malware on the device an opportunity to install itself on the computer and infect the rest of the network. You don’t even have to open files on the thumb drive to introduce the malware, since the Conficker worm was designed to execute the moment the device was merely plugged in.
One of the risks of allowing personal devices to be used to handle company information is the challenge of control. If someone downloads personally identifiable information of other employees as part of their work for personnel and the system doesn’t meet IT security standards to protect said information, you’re technically in violation of the law. If the person is working on company data on a personal laptop that is then stolen, you have a security breach on a device that may be much harder to track or try to wipe remotely. If someone accidentally accesses data they shouldn’t have, you may be obligated to wipe their device completely.
You can run into this problem even when employees aren’t processing sensitive information on personal devices, such as when they access local wireless access points on the company network to check personal email or download music. If you’re earning an online computer science masters, you’ll learn the various methods of securing the wireless connections that get used by everyone from guests to the VP. Conversely, even digital photo frames and music players brought from home and connected to a PC for charging or an internet connection can bring a virus into the network, which is why they are commonly banned, as well.
The Human Factor
No discussion of network vulnerability is complete without discussion of the human factor. Intrusion detection systems don’t stop the disgruntled employee from copying and sharing data without authorization. Network security built into hardware doesn’t stop employees from selling your data to outside organizations.
A particular Office of Personnel Management hack by Chinese hackers not only copied the entire database but put in code to copy all updates of the OPM database. It is thought the OPM hack was done by unvetted contractors. These inside hacks are driving demand for more people with an online masters computer science degree and expertise in IT security, as well as a clean record.
Network vulnerabilities can be neutralized better when understanding the nature of the threat, may they be external or from within.