In my last blog WIRELESS I discussed how wireless on your network can be a way in for our actors (bad guys). I am going to expand on that in this blog. There are many holes you may not even realize you have on your network so I will show you how some very simple every day things can put you at risk.
BYOD - (Bring your Own Disaster... ohhh I mean device) is a really hot topic and has been for a while. I think one of the biggest reasons is the constant struggle on how to regulate it much less control it. First, let me define what this is. Pretty much it is allowing equipment (cell phone, pad, laptop or anything else you can think of) to attach to your network wirelessly or wired which your business does not own. An example would be Mary doesn't like Windows very much for her publishing job you have her doing for your marketing. She asks if she can bring in her MAC to do publishing (makes sense to me) and you allow her to do this. She brings it in, hooks it up to the network and does her job with your network resources.
Probably a more common scenario is an employee with a phone that you let use your secure WIFI in order to pay his bills at lunch time, do a little surfing (because you put the proper filters for web sites in place... hint hint... wink wink..) and it is allowed to carry that data across the network to his phone because phone reception sucks in your building.
Could anything possibly go wrong in either of these two scenarios? NAH!! Everything is peaches and cream. Nobody goes to a bogus site or clicks on a bad link. WRONG!! The best way I describe this is kind of like a Trojan horse. You have a device that was possible infected BEFORE they started using your network. It is like sterilizing an area for a medical procedure only to have the doctor sneeze all over it once in the area. You get my drift.
Think about that router and firewall again. Like a moat and wall around a castle it is there protecting you. Someone sends you a gift of a pretty horse that gets delivered INSIDE of the protection perimeter. Now you have an issue on how to contain or even stop it from spreading inside out. That is the danger of people bringing devices into your space. But that is just one thing to be aware.
I mentioned printers in my last blog but it is not just printers. It is any device attached to the network. It could be that fancy new scanner you just bought. It would even be that electronic picture frame. Maybe even the new fridge you just bought for the company break room but thought it was so cool that you could monitor it from the Internet so hooked it up to your network.
There is one that I am suddenly seeing more and more of. HVAC. That is right. Anything within the last few years are going to controls that are hooked up through the Internet. A very perfect and vivid example was Home Depot where the actors used credentials that the HVAC guys failed to changed to gain access and go where they needed to go. Every device that connects to your network is capable of being used as an entry point. What is worse is that it is on the inside of your defense. That isn't a good thing.
So once again I will stress. Policy and procedure. Know what is on your network and how it interacts. Did you password get changed from the default? Who knows the passwords and are they complex enough? When was the last time (if ever) you had a security professional just simply test for these holes?
What are becoming obvious to hackers today for holes are things the common businesses owner has no clue are even a threat much less how to fix it. All of the way back to the bank analogy. It is like having that vault in a bank but there are all of these passages in that you dont even think about. When it comes to security you need to keep in mind what is connecting where. It is easier than you think for the bad guys when you leave those holes open. Think like the bad guy..