How to Enhance Your IT Security
Cyber-attacks become a booming business. This is why you should take every possible precaution to prevent from hacker attacks. To close all those small security gaps in your network you need to get to know your installed software in all details. With the following steps you gain full transparency of your software environment and its potential security risks.
Step 1: Bring Light into the Darkness
Inventory tools are the common way to gather the information about all hardware and software assets in the company network. A selection criterion for that inventory tool should be the ability to detect every single installation, whether it lives on a client, server, mobile device, cloud environment ect.
The inventory data consists of thousands of datasets and needs to be translated (normalized and refined) to get a understandable and useable insight of your software installs. For example when inventorying Microsoft products, installs from “Microsoft Corp.”, “Microsoft Inc.” or “Microsoft GmbH” can be found. This makes it difficult for further analyses. For this reason, all of this installs should be normalized to the same naming convention, such as simply “Microsoft”.
This task can take month, if you do not have support by an automated software recognition solution. Especially when further, security relevant information needs to be assigned to a software product, such as the license type, software version, patch level version, software category and functionalities.
If you have this information all together, you are able to identify the potential security risks within your companies’ network.
Step 2: Identify the Slumbering Risk
In your software environment several security gaps can occur, which run simply under the radar of virus programs and firewalls. This different risks are evaluated by different analyses approaches.
Are the patch levels up-to-date?
A software environment with high diversity is pretty difficult to maintain, as the flow of security patches and the validation whether the installation was successful, is not easy to handle. Also there might be software installed you did not even know about, so you have no chance to patch them. So, the first thing to do is to check on the installed patch level version of every software program. If it is not up-to-date, this can be easily used by hackers to enter your network.
Are all of my software programs under support?
A software which is coming to end-of-life does not get any security updates or other support from the vendor. If your company is still using end-of-life software, the possibility to be attacked by cyber criminals increases significantly. On top of the security issue, your company might also keep paying for a maintenance contracts for software, which can not be maintained any more.
To identify this security risk you should evaluate, which software is already out of support to act immediately, or which software is coming to end-of-life soon to be able to plan properly.
Are there any software programs that were not officially approved?
Software products that are used within the company network, without they had been approved by the IT department, can cause several risks. First, this unknown software can be not patched like already mentioned above. Second, the unapproved software can contain hidden spyware, viruses or Trojans etc. that affects the network. Third, data exchange software (i.e. peer-to-peer apps, such as Dropbox) can hardly be controlled, regarding the data entering or leaving the company network.
The following characteristics can help you to identify software, which was probably not approved by the IT department and causes potential risk:
- License types like “freeware” or “free for non-commercial use”
- Functionalities like peer-to-peer applications, open source software, online services
- Categories like games, illegal or other suspicious software
If you have all this security risks in view, you are ready to prioritize, which risks either can be eliminated immediately or where measures need to be planned carefully.
Note: To gain the overview of this IT security risks it takes a lot of time and demands in-depth knowledge about a broad range of software products. An automated analyses tool, such as a software recognition, provides you the relevant information for this analysis methods and enables you to take action immediately.
Step 3: Set up Measures to Enhance Your IT Security
Now that you know where the potential security issues are located within your network, you are able to take action. Every issue mentioned above demands different steps to be solved.
The easiest issue to solve is to patch the software products to the latest security level and to validate afterwards if all patches were installed successfully. To keep the patch level up-to-date you should check regularly on them.
The measures to eliminate the risk of end-of-life software can be more complex. If you make sure that this old software is not used any more you could easily remove it. But if it is still needed you need to find a suitable replacement for it. Unapproved software also needs to be handled carefully. If the software is not fulfilling a business purpose at all, you could decide to remove it from the network immediately. But, if you analyze the functionalities of the unauthorized software and find out it is used for business purposes, you should consider to find a replacement as well.
Before you take action about both of this issues, you should follow the steps:
- Evaluate a possible replacement software
- Discuss the replacement with the affected employees or department to identify and match their needs for the new software
- Discuss the technical feasibility as well as the estimated effort and purchasing costs for the replacement with the IT department, the license manager and purchaser
- Prepare a business case to get approval from the management
A measure that can enhance your IT security in a long term is a consolidation of your entire software portfolio. This is because less software products simply means less sources of risks. Read more about how to consolidate your software portfolio.
If you get bitten by an insect, do not scratch the bite because it might become infected. Inspect your body at least once a day to ensure there are no ticks attached to you. If you find one attached to your body, cover it with a substance (e.g. Vaseline, heavy oil, or tree sap) to cut off its air supply. Without air, the tick releases its hold, and you can remove it.
You Want to Become a Hero of Your Companies IT Security?
The Software Portfolio Management experts of COMPAREX support you to evaluate the security issues in your network. Contact us to get to know more about our Service.
Test our service COMPAREX Portfolio Management Platform in a 30 day trial or fill out the form below to contact us.