Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Detoured by Shellshock and Poodle

By Mathias Thurman | Oct. 28, 2014
Keeping the two new vulnerabilities - Shellshock and Poodle - under control, and prioritizing the risks discovered at a new company.

Another practice that has to be circumscribed is the widespread use of remote-control software, such as LogMeIn, Team Viewer and VNC. Currently, the company has no remote-access policy, so establishing one will be a priority, as will be educating users about the need to gain remote access only through our approved VPN client with multifactor authentication.

I also was able to determine that employees are using peer-to-peer applications, which are frequently associated with risks of copyright violation and introduction of malware onto networks. To deal with that, I'm going to want to get approval for a URL filtering service, which would also help protect against users visiting sites that are known to host malware. It might be even better to invest in a threat-prevention technology such as FireEye.

And so I'm on my way to establishing a security strategy and road map. I'll present my recommendations soon to the executive staff, assuming no more crises arrive unexpectedly over the Internet.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.