Every IT admin knows that security goes beyond passwords, antivirus and firewalls. Even then, it’s surprising that most of the enterprise systems remain highly vulnerable to attacks. The recent developments have shown that even government websites and the best of technology companies are not completely safe.
Most of these security compromises can be eliminated if admins start taking security a bit less for granted and implement the following suggestions:
- Monitor running programs: It’s possible to know all the programs installed and running on a system, but admins try to put off this responsibility for “some other day.” The result is that there are innumerable weak points in the system, as many of these programs can have built-in backdoors or can be compromised by attackers. Therefore, you need to routinely comb through system logs and remove any unwanted programs.
- Weak password policy: In a typical workplace, there is bound to be friendship between the IT department and the regular employees. The result is sensitive passwords and privileges being shared with people they are not at all intended for. Another possibility is taking passwords lightly, and ending up with a very simple combination (say, hello123$) for all logins.
- Patching mistakes: Most companies make sure to download security patches for their operation systems, but popular and important applications are forgotten. This defeats the whole purpose of patching, and gives the attackers an easy target.
While it’s true that security can never be complete, following these outlined steps will ensure that businesses stay clear of the most embarrassing security compromises.