Avoiding Network Security Mistakes
By Doug Caverly
Networks are complicated beasts, and any numbers of things can go wrong. It's best not to let other people "help" accidents occur, though, and so network managers may find a list of common security-related mistakes useful.
The original list of ten mistakes comes courtesy of Network World's Carolyn Duffy Marsan and Verizon Business's Peter Tippett. It's worth reading, but for the sake of brevity, we'll only hit some of the most grievous errors here.
It is, for example, a really terrible idea not to change the default passwords on all network devices. Likewise, you shouldn't share passwords across multiple devices or allow for nonsecure remote access.
Here's a slightly less obvious goof: "Failing to test noncritical applications for basic vulnerabilities." This might equate to putting seven locks on a door, but then forgetting to do anything about the regular-strength hinges. Or just leaving a window open after committing to all other sorts of upgrades.
Finally, don't fail to find SQL coding errors with which hackers can work. Marsan writes, "The way that hackers get into these systems is to enter an SQL command in a Web-based form. . . . Tippett says the easiest way to prevent these errors is to run an application firewall in 'learn' mode so that it can watch how users enter data into a field and then put the application firewall in 'operate' mode so that SQL commands can't be injected into a field."
Hopefully this outline will help you keep your network safe and sound.
About the Author:
Doug is a staff writer for WebProNews. Visit WebProNews for the latest eBusiness news.
NetworkNewzis an iEntry, Inc. publication --
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509
archives | advertising info | news headlines | newsletters | comments/feedback | submit article