According to Rep. Mike Rogers, Chairman of the House Intelligence Committee, 95% of private sector networks are insecure. 95%!!!! That is a crazy number. Experts estimate that $400 billion in information is stolen every year from US Businesses. Just last week The Wall Street Journal, The New York Times, The Washington Post, and former President George W. Bush were hacked. Last August 55,000 Computers at the Saudi state oil company, Saudi Aramco, were hacked, erased, and overwritten so that their data could no longer be accessed!
What does insecure mean? Insecure means that your network and the data contained on it can be easily accessed without your knowledge by unauthorized people.
Who are these people? They are everyone from Russian and Chinese hacker teams, disgruntled individuals, or just random people with enough knowledge and time on their hands.
What’s your liability? If you’re a business, at a minimum, you have your employee social security numbers on file probably in QuickBooks or some other accounting application. You may also have trade secrets, plans, or account information. This is what the hackers want. Please check out this weeks “Face The Nation” at http://www.cbsnews.com/video/watch/?id=50140745n. The cyber security discussion starts at 26:00 minutes. This video is a must watch!!!!!
This is such a huge issue that the Federal Government is tying to figure out coordinate and mandate Cyber Security. They are talking about mandating the reporting of any hack to a central organization and mandatory security measures. The problem is that its the Federal Government so don’t expect action any time soon.
What should I do? There are a few things you can do to make yourself more secure. These things are not complex but they will require some time from you or a member of your staff.
1. Practice a strong password policy.
– Enforce password changes. We recommend changing your password at least every 45 days.
– Make your password complex. Make your passwords at least seven characters long. Mandate usage of at least three of the following categories in your passwords: upper case letters, lower case letters, numbers, and non-alphanumeric characters.
– Setup a password lockout policy – Hackers love it when they can try to crack a password by entering different combinations over and over until they get it right. Lock the account if there have been too many incorrect attempts. We recommend locking the account after five attempts.
2. Regularly update every device on the network.
– Hackers #1 method for breaking into your network is by exploiting the devices on your network that are not updated. They do this by running robots on the internet that are aware of all published and unpublished exploits for all network devices. If they hit a device that answers to the exploit they are in. The only way to close this hole is to know every device that is plugged into your network and make sure it is updated with the most current patch available.
3. Change out your network firewall and wireless access point.
– I know, these devices are probably still working and they are five years old. The problem is that the manufacturers of your firewall and access point eventually stop updating them. If you haven’t seen a patch for your wireless access point or firewall in the last year then its time to replace them.
4. Police your network login accounts.
– Disable or delete the accounts that are not in use.
– Make sure that NO ONE has admin rights that does not need it.
5. Keep your security software up to date.
– Install security software on any device that has proprietary info and keep it up to date.
6. Create a network security policy and live by it.
– Please check out our post on how to setup a good network security policy for some tips on how to do this.
7. Test your security regularly and fix anything that isn’t working right.
– Scan your network for vulnerabilities regularly.
– Do penetration testing against your firewall.
– Fix everything that turns up in your tests.
This may sound like a big task but it really isn’t. If you don’t know where to start then give us a call at 512-832-6209 and we can help.