Avoiding Network Security Mistakes


Posted by Doug Caverly

Networks are complicated beasts, and any number of things can go wrong.  It’s best not to let other people “help” accidents occur, though, and so network managers may find a list of common security-related mistakes useful.

The original list of ten mistakes comes courtesy of Network World’s Carolyn Duffy Marsan and Verizon Business’s Peter Tippett.  It’s worth reading, but for the sake of brevity, we’ll only hit some of the most grievous errors here.

It is, for example, a really terrible idea not to change the default passwords on all network devices.  Likewise, you shouldn’t share passwords across multiple devices or allow for nonsecure remote access.

Here’s a slightly less obvious goof: “Failing to test noncritical applications for basic vulnerabilities.”  This might equate to putting seven locks on a door, but then forgetting to do anything about the regular-strength hinges.  Or just leaving a window open after committing to all other sorts of upgrades.

Finally, don’t fail to find SQL coding errors with which hackers can work.  Marsan writes, “The way that hackers get into these systems is to enter an SQL command in a Web-based form. . . .  Tippett says the easiest way to prevent these errors is to run an application firewall in ‘learn’ mode so that it can watch how users enter data into a field and then put the application firewall in ‘operate’ mode so that SQL commands can’t be injected into a field.”
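
A toy illustration of the learn-then-operate approach Tippett describes, added here as an example (it is not code from the article or from any firewall product). The class name, the "zip" field and all sample values are constructed assumptions, and real application firewalls build far richer profiles.

```python
def classify(ch):
    """Map a character to a coarse class; punctuation is tracked literally."""
    if ch.isdigit():
        return "digit"
    if ch.isalpha():
        return "alpha"
    return "char:" + ch


class FieldFirewall:
    """Toy positive-security model: learn per-field profiles, then enforce them."""

    def __init__(self):
        self.mode = "learn"
        self.profiles = {}  # field -> {"classes": set, "max_len": int}

    def observe(self, field, value):
        """Learn mode: widen the profile to cover this legitimate value."""
        p = self.profiles.setdefault(field, {"classes": set(), "max_len": 0})
        p["classes"].update(classify(c) for c in value)
        p["max_len"] = max(p["max_len"], len(value))

    def check(self, field, value):
        """Return True if the value may pass through to the application."""
        if self.mode == "learn":
            self.observe(field, value)
            return True
        p = self.profiles.get(field)
        if p is None:
            return False  # field never seen while learning: deny by default
        if len(value) > p["max_len"]:
            return False
        return all(classify(c) in p["classes"] for c in value)


def demo():
    fw = FieldFirewall()
    # Constructed training traffic for a hypothetical "zip" form field.
    for v in ["90210", "10001", "60614"]:
        fw.check("zip", v)
    fw.mode = "operate"
    # Constructed inputs: one normal value, two carrying SQL syntax.
    return {v: fw.check("zip", v) for v in ["30301", "1 OR 1=1", "1;--"]}


if __name__ == "__main__":
    print(demo())
```

The profile is only as tight as the traffic seen during learning, so the SQL coding errors themselves still need to be found and fixed.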

Hopefully this outline will help you keep your network safe and sound.

About the Author: Doug is a staff writer for WebProNews. Visit WebProNews for the latest eBusiness news.
