25 Jan
Top 10 Security Administration Blunders
After recently posting the blog titled “Top 10 Mistakes Employees Make That Can Lead to a Data Breach,” I’ve had a lot of related discussions about the serious errors that administrators make. So I thought it only prudent to do a post on the top security administration blunders.
So here’s my take on the top 10 common, but critical, failings and misdeeds that security managers are guilty of.
- Failing to appropriately inform upper management or superiors about significant security risks and motivate them to take pertinent action and render support. I know, much easier said than done, but it is the key to much of this list, and it’s necessary for every level of security administration.
- Failing to create, maintain, teach, and enforce effective security policies. It’s amazing how many organizations shortchange or completely ignore this fundamental principle.
- Failing to guard against insider threats from employees, employee-like users, and imposters posing as employees. Valid employee credentials are used in nearly all data breaches. Administrators need an effective system to detect theft and abnormal use of user credentials.
- Failing to establish security controls for partners, contractors, and service providers and failing to monitor their behavior. Anyone with access to your network needs to have their user accounts monitored for appropriate behavior.
- Failing to promptly update enterprise computers, servers, other equipment and applications with security patches. This is Security 101, but most organizations still don’t do it well.
- Allowing users to run outdated software on their PCs, laptops, and devices. Running old and vulnerable versions of Adobe Flash, Java, and web browsers, for example, is a sure way to invite credential-stealing malware into your user community. Research shows this is a very common problem.
- Sidestepping or shunning basic mobile device security. If you’ve been putting this off, 2016 is the year to get it done.
- Insecurely storing sensitive data without encryption and other safeguards. Yes, this can be a monumental task, but not nearly as large or painful as recovering from a breach.
- Being too generous with permissions. Again, the insider threat is very real and very common. Far too many users have privileges and access rights to things they shouldn’t. You need a way to detect if users are accessing things illegitimately.
- Failing to test for or detect security misconfigurations. This is a very common and dangerous problem—and it shouldn’t be. Simple user behavior analytics tools are relatively inexpensive, effective solutions for detecting anomalies like unauthorized users accessing restricted data.
Since most security administrators are already overburdened, it’s no surprise that the above list exists. Unfortunately, traditional security tools are ineffective in helping security staff detect malicious or rogue behavior by those on their network.
The good news is that Fortscale’s user behavior analytics (UBA) tools have been designed for this specific purpose. Although UBA won’t solve everything on the above Top 10 list, it will significantly help administrators resolve most of them. And the time saved by using UBA can help get the other things done, too.