Practicing SAFE Security

When you ask most non-technical peo­ple about cyber secu­rity the answer they almost always give will involve viruses and mal­ware, but to expe­ri­enced IT peo­ple those things are the least of what they have to worry about. To peo­ple on the front lines of cyber secu­rity, pen­e­tra­tion con­cerns are para­mount and are gen­er­ally unre­lated to the viruses, mal­ware and other things that a gen­eral con­sumer has to worry about.

Pen­e­tra­tion con­cerns revolve around two dif­fer­ent types of security breaches. The first of these is an inva­sion from an out­side source, but even these can take on dif­fer­ent forms. For instance, the attack­ing party might have limited – or even zero – knowl­edge of your sys­tems. This means that they would basi­cally be try­ing to break into your sys­tem from scratch. At the other end of this spec­trum, they may have gained access to source code, net­work lay­outs or may even have some pass­words. This could have hap­pened from a mali­cious or unin­ten­tional leak and sim­ply makes the job of the hacker that much easier.

In either case, the end result can be dev­as­tat­ing to a com­pany and can lead to loss of data, includ­ing impor­tant com­pany data or, more impor­tantly, the infor­ma­tion of peo­ple who have done busi­ness with the com­pany. Probably the most famous is the recent intrusion on the Sony net­work in which hackers gained access to the account infor­ma­tion of over 100 million cus­tomers.

One of the best ways to pre­vent this type of attack is to hire cyber secu­rity pro­fes­sion­als to secure your sys­tem and even hack it to reveal vul­ner­a­bil­i­ties. With this method of hacking, pos­si­bil­i­ties are explored in dif­fer­ent lev­els, some­times known as black, white or gray box tests. A black box test assumes that the attacker has no knowl­edge of your net­work lay­outs, source code or pass­words; a white box test assumes they know almost every­thing about these areas and a gray box is assum­ing that they have some knowl­edge of your sys­tems and pass­words. The gray box test is usu­ally what would result when the attack is from a lower or mid-level employee who either feeds his lim­ited knowl­edge of the sys­tem to the attacker or who is con­duct­ing the attack himself.

Inter­weave Tech­nolo­gies can assist in your cyber secu­rity ini­tia­tives whether you are in the mar­ket to hire a pen­e­tra­tion tester or are a small busi­ness look­ing sim­ply to enhanc­e your secu­rity.   The secu­rity pro­fes­sion­als at Inter­weave have an in depth knowl­edge of cyber secu­rity and can assist your com­pany in pre­vent­ing attack­ers from get­ting into your net­work and gain­ing access to your con­fi­den­tial information.