A security checklist for IT managers

Somebody out there is out to break into your network. That somebody is six times more likely to succeed if the network runs on Windows rather than Unix, according to a study by BindView Corp. The good news, says BindView director of security strategy Scott Blake, is that the odds against a hacker succeeding in his nefarious attack are high if an IT manager stays on top of a few mundane security management tasks. In this SearchWindows2000.com/Manageability exclusive, Blake prioritizes those tasks and discusses their importance.

searchWindowsManageability: Is Windows more vulnerable to security attacks than other operating systems?
Blake: We did a study on this last year. We found that Windows NT Web servers are successfully broken into six times more than Unix Web servers. The study assumed, however, that Windows and Unix are targeted evenly. If you assume that every Web server is attacked once a week, regardless of what OS it runs, then you're six times more at risk if you're running NT than if you're running Unix. Even if Windows NT servers are targeted more frequently than Unix servers, it's safe to say that you're still more at risk running Windows.

searchWindowsManageability: What should IT managers' top security management priority be?
Blake: The number one priority should be getting security patches installed on the system. Almost all of the high-profile security problems that we've seen in the last couple of years have been the result of old security issues, not a new flaw that somebody discovered and used to break into systems before anybody knew what was going on. These have been security breaches caused by things managers have known about a minimum of 6 months, or even two or three years. The patches for the problem have been in existence, but no one installed them. If everyone installed patches, life would be a lot harder for hackers.

searchWindowsManageability: What should be next on IT managers' daily security agenda?
Blake: Make sure that user management is in good shape. Enact strong passwords and stronger authentication methods, whenever possible. Passwords are increasingly inadequate as an authentication mechanism. As computers are getting faster, it's getting easier to brute force passwords.

searchWindowsManageability: What would be an alternative to passwords?
Blake: Any strong authentication method, such as SecurID or ActiveCard or CryptoCard. Most certificate implementations, however, are reducible to a password, with the additional step (for the attacker) that you have to compromise the client machine rather than going after the server. That's usually easier anyway, because people don't pay as much attention to the security of the clients as they do to their servers.

searchWindowsManageability: Most companies don't go beyond simple passwords, do they?
Blake: That's correct. They don't, because it's hard and expensive. Users don't like to use anything beyond simple passwords. Users don't want to do a lot of security or even use good passwords. A good password is something that can't be found in a dictionary. It's a mixture of numbers and letters with as many characters as possible as randomly as possible. You want as much randomness in the password as possible, but people aren't very good at remembering or generating random passwords.

searchWindowsManageability: What are other security management tasks that get overlooked too often?
Blake: Managers often don't pay attention to what is happening on the system, reading the logs as things are going on. They don't do this, because reading logs is tedious; but it's extremely important to the security of the system to do this.

searchWindowsManageability: Are there tools that simplify this task?
Blake: There are tools that help you reduce audit logs into manageable chunks and pull out important items. Host-based intrusion detection, such as CyberSafe's Centrax, is the best tool for going through log files. For keeping up with patches, a good option is vulnerability assessment tools, software that has a database of problems that software vendors have created patches for.
