Present Blog-IT thought leadership in Canada

9 common risk factors linked to an enterprise’s IT network

Written by Francois Desjardins_ | Dec 12, 2017 12:45:00 PM

The IT network is a driving force for all businesses today because of the volume of information that is exchanged electronically. But, when we talk about connectivity and information sharing, we also must address the increased risk of data loss or service disruption. Breaches in the system can be disastrous. 

To find out if a sword of Damocles hangs over your business, it is important to analyze the potential risks your network faces daily. If you experience one or more of these 9 problematic situations, you should remedy it as soon as possible. Here are our recommendations.

 

 

1. Permanent passwords

Not having an expiration date for your users' passwords presents a significant risk of hacking. This makes it much easier for unauthorized users to enter your network.

 

Recommendation: 

Perform a scan of all user accounts whose password has never been changed. Then configure an automatic and regular reset of their passwords.

 

2. Inactive computers

Connected computers that are not used present a risk to businesses because the equipment is not checked regularly.

 

Recommendation:

Make a list of inactive workstations and analyze your needs. Should these devices be removed from your environment or turned on and brought up to date? 

 

 

3. InactiveAnti-Spyware or Antivirus

Malware, also known as viruses, is designed to damage networks by spreading from computer to computer. That's why all workstations and servers that do not have antivirus and antispyware protection pose a real threat to businesses.

 

Recommendation: 

Make sure that anti-spyware and antivirus are active on the entire network. You will avoid the security or productivity problems associated with the spread of viruses in your IT environment.

 

 

4. An operating system on extended maintenance

Extended Maintenance is a grace period granted to users of an operating system that is about to be abandoned by the vendor and for which support and updates will be discontinued. Workstations that use an extended maintenance operating system will put you at risk for a failure that will not be the responsibility of the service provider.

 

Recommendation:

Upgrade all workstations whose operating system is in the extended maintenance period.

 

5. An unsecured listening port

For certain companies, the use of unsecured listening ports is legitimate or even necessary. However, a workstation whose protocols are unprotected puts at risk the exchange of data. This is why we must pay special attention to it.

 

Recommendation:

Minimize the use of unsecured listening ports in your network to prevent the spread of malware. When this type of service is required, it is recommended that programs that listen on the network be analyzed to ensure their necessity and safety.

 

6. An obsolete operating system

Workstations whose operating system is no longer supported no longer receive vital security updates and patches. They represent a real threat to your entire network. 

 

Recommendation:

Upgrade or replace computers with obsolete operating systems.

 

7. A user inactive for more than 30 days

A user who does not log in for more than 30 days may be a former employee or supplier. Since the majority of IT disasters are caused by internal sources, this type of situation puts the company at risk of corporate hacking or espionage. 

 

Recommendation:

Remove or disable access for all users who have not logged in for more than 30 days.

 

8. Absence of a redundant domain controller 

Not having a redundant domain controller that replicates data increases your risk of service disruption, downtime, and significant loss of data and revenue. 

 

Recommendation:

Analyze the risks you face. Then, evaluate the costs and benefits that implementing a redundant domain controller would entail. 

 

9. Firewall that is no longer supported or not up-to-date 

The firewall is a wall of protection between the web and your environment preventing malicious programs to be installed or an intruder trying to access a private environment. It is important that this protection is optimized and up-to-date to reduce negative impacts on your environment. 

 

Recommendation:

A sandbox concept is available to check and validate what is happening to your environment behind the firewall, which also adds an extra layer of protection.

 

 

IT security, and the security of the network in particular, should not be taken lightly and we must not forget that threats do not come solely from external hacking. In fact, more subtle, but cumulative threats can be the cause of major problems in companies, while they can be avoided! 

Get a free diagnosis of your IT network to eliminate any surprises!