网络管理员甚至独立计算机的管理员始终关注安全性。他们试图针对他们能想到的所有可能的网络安全威胁实施计划。在这样做时,他们经常忘记一些非常基本的威胁。
网络安全威胁
本文列出了五个鲜为人知的网络安全威胁。
1]网络(Network)或独立系统的用户
网络用户使用计算机的方式是最容易被忽视的威胁之一。用户是在网络上的计算机上花费最多时间的人。即使您的计算机在不同端口设置了防火墙,如果用户携带受感染的笔式驱动器,所有安全措施都会失败。在某些情况下,用户可能会连接到网络并将计算机单独放置几分钟。如果其他人决定查看数据库,这几分钟的成本可能会很高。
与这些忽视作斗争的唯一方法是教育用户。此外,无论是独立计算机还是网络上的计算机,都应让用户对因疏忽而发生的问题负责。
阅读(Read):什么是云安全挑战(What are Cloud Security Challenges)?
2]谁(Who)是通过VPN连接的那个人(Person Connecting)?
VPN(VPNs)可能是一种危险,因为它们允许人们远程连接到公司网络。虽然在某些情况下,组织会为VPN(VPNs)提供已配置的笔记本电脑,但在其他情况下,人们可能会继续创建VPN连接。如果没有监控,后者可能会造成厄运。除此人的意图外,缺乏适当的安全预防措施可能会导致网络瘫痪。
为避免VPN(VPNs)出现问题,建议您列出授权机器并仅允许这些机器通过VPN连接。您还可以设置审核以检查谁都使用哪些机器连接到网络以及原因。
3] 过时的应用程序是一种责任
在某些网络中,他们继续使用旧版本的应用程序(例如Outlook Express),因为他们不愿意在升级上花钱。这里的支出指的是金钱和时间。较旧的应用程序可能很容易在您的计算机/网络上运行,但从某种意义上说,它们是一种威胁,它们很容易被网络内外的恶意人员接管。与较新版本相比,较旧的遗留应用程序也往往会出现更多故障。
建议您查看升级费用。如果没问题,请升级或迁移到具有类似功能的全新应用程序。例如,如果您仍在使用“ FoxPro for DOS”类型的应用程序,您可能希望迁移到Visual FoxPro以确保您的程序是最新的并安装了安全性。
4]运行不可能程序的旧服务器(Old Servers Running)
几乎所有网络都有一台或多台运行旧程序或操作系统的服务器。由于不再提供支持,因此无法更新这些服务器。这样的服务器虽然看起来工作正常,但对网络来说是一个很大的风险。你知道服务器不会崩溃。但它肯定可以通过窥探网络来劫持。
最好的方法是虚拟化古代服务器正在运行的程序。这样,您可以尝试升级程序。或者,您可以放弃整个程序并进行替换。
5] 本地管理员总是一个威胁
通常,本地管理员是被授予特殊权限的人,只是为了解决计算机上的问题。一旦故障排除结束,管理员权限应该被撤销,但 IT 人员忘记了这样做。在这种情况下,本地管理员用户帐户有一天会引发问题。与本地管理员打交道的最佳方法是创建自动过期的配置文件。
在我看来,这是五个鲜为人知的网络安全威胁。如果您想补充或觉得我遗漏了什么,请在下面留言。(These were five lesser-known threats to network security, in my opinion. If you wish to add or feel I have missed out something, please leave a note below.)
Lesser known Network Security Threats that Admins should be aware of
Administrators of networks and even standalone computers are always concerned about security. They try to implement plаns for all the possible thrеats to network security that they can think of. In doing so, they often forget some of the very basic threats.
Network Security Threats
This article lists five lesser-known threats to network security.
1] Users Of The Network or Stand-Alone Systems
The way users of the network use the computers is one of the most overlooked threats. Users are the ones who spend the most time on the computers on a network. Even if your computer has a firewall at different ports, if a user brings an infected pen drive, all security measures fail. In some cases, the user may connect to the network and leave the computer alone for few minutes. These few minutes can prove costly if someone else decides to take a look at the database.
The only method to fight these neglects is to educate the users. Also, be it a standalone computer or a computer on the network, users should be made responsible for problems occurring out of neglect.
Read: What are Cloud Security Challenges?
2] Who Is That Person Connecting Through VPN?
VPNs can be a danger as they allow people to connect remotely to the corporate network. While in some cases, organizations provide configured laptops for VPNs, in other cases people might just go ahead and create a VPN connection. The latter can spell doom if not monitored. Other than the person’s intentions, lack of proper security precautions may bring down the network.
To avoid problems with VPNs, it is suggested that you make a list of authorized machines and allow only these machines to connect via VPN. You can also set up an audit to check who all are connecting to the network using what machines and why.
3] Outdated Applications Are A Liability
In some networks, they continue using an older version of applications (for example, Outlook Express) for unwillingness to spend on the upgrades. Spending here refers to both money and time. Older applications may be running easily on your computer/network, but they are a threat in a sense that they can easily be taken over by malicious people on/off the network. Older legacy applications also tend to break down more compared to newer versions.
It is recommended that you check out the cost of the upgrade. If it is okay, upgrade or else move to an entirely new application with similar functionality. For example, if you are still using “FoxPro for DOS” type applications, you might want to move to Visual FoxPro to make sure your programs are current with security installed.
4] Old Servers Running An Impossible Program
Almost all networks have one or more servers that run older programs or operating systems. These servers cannot be updated as support is no longer available. Such servers though appear to be working fine, are a big risk to the network. You know that the server won’t break down. But it sure can be hijacked by prying eyes on the network.
The best method is to virtualize the programs that the ancient servers are running. This way, you can try and upgrade the programs. Alternatively, you can shed the entire program and go for a replacement.
5] Local Administrators Are Always A Threat
More than often, local admins are the people given special privileges just to troubleshoot something on the computer. Once the troubleshooting is over, admin privileges should be revoked but the IT people forget to do so. In such a case, the local admin user account will invite problems one or the other day. The best method to deal with local admins is to create profiles that auto-expire.
These were five lesser-known threats to network security, in my opinion. If you wish to add or feel I have missed out something, please leave a note below.