博客
关于我
强烈建议你试试无所不能的chatGPT,快点击我
Security loopholes that businesses need to plug right now
阅读量:5825 次
发布时间:2019-06-18

本文共 3264 字,大约阅读时间需要 10 分钟。

Security_loopholes_that_businesses_need_to_plug_now

The number of cybersecurity breaches for enterprises continues to spike, leaving even the world's largest companies vulnerable to attacks. Companies are bolstering their cybersecurity initiatives as a result, investing heavily in procedures and tools that will protect their business and their customers. What some don't realize, however, is that the biggest threats to their security could be coming from the inside.

Access Control

Privileged access accounts, which are traditionally created for administrators or super users who maintain and support IT infrastructure, were the source of 55% of all cyber-attacks in 20151 . Together with the increasing need to integrate third party services into an enterprise's IT system, these access accounts should be monitored by businesses and controlled extra carefully, to prevent them from becoming weak points for hackers.

Social Media Security

Social media is an essential channel for businesses, but security measures on some social sites are not too well defined and the third-party links which appear on them may not always be authentic. Businesses should avoid practices such as shared passwords for multiple platforms and accepting unknown friend requests, which may be fake accounts, in order to mitigate the security threat from social media.

Internet of Things (IoT) Devices

, the number of IoT devices is expected to reach 21 billion by 2020, with around 35% utilized for business. Not many users realize that their IoT devices store an abundant amount of their personal or even work data which could be accessed by hackers. IoT devices could even be "hijacked" to perform attacks on networks, . To help prevent IoT devices from being hacked or hijacked, businesses should change the default passwords of the devices and keep the firmware of the devices up-to-date.

Physical Device/Infrastructure Security

Security for IT infrastructure and physical devices is equally vital to software and data protection. Whether it's a USB hard drive, a cell phone or a server room, all of these pieces of hardware pose a potential security risk. For example, cell phones of employees may have apps which provide access to the data of an enterprise. One such app is Office 365, a common mobile business app, that provides easy access a company's documents or email servers. Thus if an employee cell phone is lost or stolen, this could cause a huge liability for the business. Companies should therefore ramp up the security of all physical hardware, such as through passwords or fingerprint recognition, to prevent information from leaking off the hardware.

The Assume Breach Paradigm

It may help for companies to operate under the . This paradigm argues that, in light of the sophistication and prevalence of cyber threats today, organizations should not assume that they will easily be able to avoid any attacks. On the contrary, they should assume that it's only a matter of time before their defenses are breached, or that an attack has already occurred, but has yet to be detected. This kind of ‘assume breach' mentality will sharpen organizations to deploy robust identification and response mechanisms to cyber threats rather than rest on their laurels with half-hearted measures.

1 IBM's 2015 Cyber Security Index

转载地址:http://ftpdx.baihongyu.com/

你可能感兴趣的文章
华为OJ 名字美丽度
查看>>
微信公众号与APP微信第三方登录账号打通
查看>>
onchange()事件的应用
查看>>
Windows 下最佳的 C++ 开发的 IDE 是什么?
查看>>
软件工程师成长为架构师必备的十项技能
查看>>
python 异常
查看>>
百度账号注销
查看>>
mysql-This version of MySQL doesn’t yet support ‘LIMIT & IN/ALL/ANY/SOME 错误解决
查看>>
BIEE Demo(RPD创建 + 分析 +仪表盘 )
查看>>
Cocos2dx 3.0开发环境的搭建--Eclipse建立在Android工程
查看>>
基本概念复习
查看>>
重构第10天:提取方法(Extract Method)
查看>>
Android Fragment使用(四) Toolbar使用及Fragment中的Toolbar处理
查看>>
解决pycharm在ubuntu下搜狗输入法一直固定在左下角的问题
查看>>
多线程day01
查看>>
react-native 模仿原生 实现下拉刷新/上拉加载更多(RefreshListView)
查看>>
MySQL出现Access denied for user ‘root’@’localhost’ (using password:YES)
查看>>
通过Roslyn构建自己的C#脚本(更新版)(转)
查看>>
红黑树
查看>>
UIImagePickerController拍照与摄像
查看>>