Easy steps can sometimes be the most helpful
eWeek had a great article/annoying slide show about the top 10 security risks that your users pose to your organization. One interesting thing I noted was that, with all of the increases in security (firewalls, IPS/IDS, NAC, password hardening, etc.) in today’s organizations, most of these risks are not even looked at.
Think about how easy it is for someone to walk out with their laptop and lose it on the train (with no encryption)… Or someone with P2P software on their machine (that is sharing out their entire C drive)… Or worse yet, Wi-Fi (not separated from the rest of the network) that isn’t secured with WPA2… Oh the horror!
- USB Flash Drives
- Laptops
- P2P
- Web Mail
- Wi-Fi
- Smart Phones
- Collaboration Tools
- Social Networks
- Unauthorized Software Updates
- Virtual Worlds
What are some of the other security risks you can think of that companies face?
3 opinions for Easy steps can sometimes be the most helpful
Blake
Aug 28, 2008 at 5:48 pm
I think the biggest security risk in a company is not educating non-technical employees (http://www.asktheadmin.com/2008/08/a-rant-on-the-importance-of-properly-securing-sensitive-data.html is a good example), and people just not being careful in general.
Brian Reich
Nov 1, 2008 at 10:23 am
Overlooked security threats at my organization:
1. Unlocked, generic user accounts: for simplicity’s sake several generic accounts exist so students who forgot their passwords can log in and take online exams without wasting anyone’s time resetting their own password. However these credentials get out in the open and the students use them to surf with (some) anonymity later in the day. Solution: lock those accounts when they’re not in use, and limit the workstations they can log in to.
2. Software that requires elevated privileges. Even some newer software required “Power User” or “Administrator” privileges, including AutoDesk Design Academy 2008, which is key where I work. I hate giving users more elevated privileges than they deserve, but I haven’t found a good solution to this problem yet. Which leads me to…
3. Unnecessary users in the Administrators group. We used to allow our teachers to install their own software, but we’ve removed them from the Administrators group on their workstations for abusing this in two ways. They inevitably end up filling their computer with spyware and junk applications. And on top of that, they use their admin credentials to install software that our school doesn’t have rights to, putting us at risk for fines and lawsuits.
Sravan
Nov 2, 2008 at 11:03 am
Right on the spot, Brian.