We have been talking in simple generalities involving cyber-security. Let's get into some specifics:
We
have been discussing the absolutely vital importance of your
cyber-security efforts for your computer systems, and have established
that you are indeed facing an existential threat. Period.
How you react to it will determine if your enterprise maintains its healthy outlook. Or fades away.
Potential Distribution Vectors
Let's
talk a little about what I call the Potential Distribution Vectors.
Destructive malware does have the capability to target a large scope of
your computer systems. The malware can potentially execute across
multiple systems all through your network. Because of this, you will
find it important for your enterprise to do a constant assessment of
your computer systems looking for any atypical channels for potential
malware delivery and even propagation throughout your systems.
Systems to Assess Include:
1.
Enterprise Applications: Be especially watchful for those which have
the capability to directly interface and impact multiple hosts along
with their endpoints.
Common examples would include:
a. Patch Management Systems,
b. Asset management systems,
c. Remote Assistance software (which you will find normally utilized by the corporate help desk.)
d. Anti-Virus,
e. Systems assigned to system and network administrative personnel,
f. Centralized Backup Servers, and
g. Centralized File Shares.
While you might not find these
particularly applicable to malware as a threat, it still could
compromise additional of your resources in order to impact the
availability of critical data and applications. Common examples you will
find:
2. Centralized Storage Devices: Potential Risk is direct assess to partitions and data warehouses.
3.
Network Devices: Potential Risk: the capability to inject false routes
within your routing table, or even deleting specific routes from the
routing table, not to mention the capability to isolate or even degrade
availability of critical network resources.
Before we leave the subject, let's discuss a little about these networks to prevent any confusion.
Always
keep in mind that not all computer networks are the same and sometimes
they are wildly dissimilar. For example, the network I use to link a
laptop to my wireless router, my wireless printer, and all the other
equipment is the smallest you can imagine. It is an example of what is
called a "personal area network (PAN). This is especially convenient for
my own personal one person network. Perhaps you work in an office with a
few separate computers that are linked to one or two printers, maybe a
scanner and possibly a single, shared connection to the Internet.
Aucun commentaire:
Enregistrer un commentaire