Hardware / Software

There are myriad ways that IT networks are vulnerable, we now consider issues from both a hardware and software perspective.

Hardware considerations:

  1. Backups, backups must be completed of both applications and data. There needs to be both an onsite backup and an offsite backup.
  2. Lifecycle management and hardware backups. Often, IT staff have equipment spares, but forget to test them on a scheduled basis. Or, the spare may reach end of life and have to be replaced.
  3. Switches and Firewall configuration. Many switches used in an IT network are not configured and are “open”. That is the Ethernet ports are accessible to anyone plugging in to the network. By using switch configuration techniques these open ports can be closed.
  4. Security Cameras. Many institutions and private homes are installing cameras for security purposes. These have to be checked on a regular basis, for such things as proper focus, alignment and operation.
  5. Network drawings. It is crucial that your IT department has up to date schematics showing all of the connections of the network, including the placement of hardware Firewalls and Routers. Without accurate drawings it becomes challenging or even impossible to track your devices and make sure that all the required tasks have been completed.
  6. Physical Security. Often switch and Server rooms are left unattended and unlocked. This leaves a gap in the overall security of a company and can be exploited.

Software factors:

  1. Security patches need to be installed when required. As IT networks and systems get larger and larger it can be a challenge to know what level of patch is required where?
  2. Application software is often updated as vendors fix bugs and identify possible security issues. By making a note of what applications are installed on what machine reports can be generated to list key machines for installation of the new version.
  3. OS Operating Systems need to be kept up to date, and also when they are no longer supported they must be withdrawn from service.
  4. Computer Viruses. These can penetrate your IT system in a number of ways and all antivirus protection has to be kept up to date and scans must be performed on a regular basis.
  5. BIOS protection. Windows computers have a BIOS, (Basic Input Output Service) that is used during the Computer Booting Up process. This can be password protected so that people cannot make unauthorized changes to it. This is especially important for laptops. Apple Macintosh computers do not have an equivalent but use EFI, Extensible Firmware Interface where various parameters can be set. It is not possible to password protect this.

Firmware rarely changes with devices but sometimes it needs to be updated if a security flaw is identified. The firmware versions information can be stored in the database as needed.

Download the Time$aving Tool Data Base

We often state that our tool is a perfect focusing agent for identifying possible holes in your system for cybersecurity threats. It helps IT personnel to see where they may have problems. Recently I was reminded to check the tire pressure on my car via the small visual indicator on the dashboard. Just thinking that the pressures on all 4 tires was fine is not good enough. I checked each tire carefully and all of them needed air. It’s the same with your IT network infrastructure. For cybersecurity “tire pressure” are you all set at “32 psi?” Is the air of your defenses sitting too low? Where are the slow leaks that the criminal is looking for? Our tool can help.
MAMAT –  Management and Maintenance Application Technology

Find and fix the leaks in your Hardware and Software Infrastructure.

Get a Risk Metric now.