Daily Archives: 16/10/2017

Failing to correctly configure your security solutions is one of the biggest risks to you and your customers. Security health checks can prevent it.

So, you’ve got your customers’ security covered from all angles, right?

Layered protection that shares security intelligence across applications. Endpoint security that spots malware traditional anti-virus solutions miss. Machine-learning that gets better and better at understanding threats. Belt and braces.

But then you fail to configure it all correctly and your customers get hit anyway!

Sceptical? Look at Amazon’s AWS solution, which has suffered a number of critical security and other misconfigurations, resulting in compromised user data.

Read Gartner, who say that in 2017 misconfiguration will be the most common source of breaches in mobile applications.

And take heed of the Infosec Institute, who place security misconfiguration right in the middle of the top ten cyber-risks in 2017.

Whichever way you slice it, the evidence shows that even the cleverest solutions can be useless if they’re not set up correctly – but how do you go about making sure the security solutions you deliver don’t fall into this trap?

Health checks: an MOT for your security solutions

The answer isn’t rocket science, but it is common sense.

You get your car checked out regularly to ensure it’s running as it should, and to inform you of any action you need to take to keep it fit for purpose. Essentially, it’s a health check for your motor – and you can do exactly the same for the security solutions and services you deliver.

But the even better news is that the security healthcheck is often far less disruptive and time-consuming than taking your car to the local garage.This is because the health check can often be performed by an engineer remotely, using the same web consoles you use to deliver and manage your security offerings every day.

As the engineer finds configuration faults or errors, they document these in a report that includes recommendations for the actions you need to take to fix them.

Who delivers security health checks, and what do they cover?

Where and how you get your security health checks often depends on the support and services arrangements you have with the vendors of the security solutions you sell – although this is not the only way to access them.

You could, for example, go through a specialist security software distributor who has vendor-accredited technical expertise in-house. This means you get vendor-quality product knowledge but through an organisation that is typically smaller, more agile and delivers a more personal service.

Typically, a product security health check delivered in this way will cover the full spectrum of security configuration points (it could be 60 or more) that can become an issue if not properly attended to, including (amongst others):

  • Unresolved malware
  • Patching and security updates
  • Licence status
  • Choice of deployed modules and scan engines
  • Policy and protection compliance
  • Impending end-of-life, end of support, and other OS-related issues
  • Settings (e.g. threat sensitivity); options enabled and disenabled
  • Identification and authentication

Security health checks; who fixes what’s not working?

If you have technically proficient people in your organisation, they can of course take the recommendations of the health check report and act on them.

But how does it work if you haven’t got the necessary technical resources?

Again, think of your car: you have no hesitation in handing over your keys to a trusted specialist to carry out work you couldn’t. Depending on who you get your security health check services from, the same model is potentially available – hands-on, on-site corrective work, billed according to an agreed estimate of the time it takes to complete the job.

(But no expensive mechanical components to cause the sucking in of air between the teeth, of course!)

Insights: safer than consequences

“Prevention is better than cure”, runs the old adage – but when there’s no cure available, the need for prevention becomes even more urgent.

Sadly, you can’t “cure” breach and theft of your customers’ data, for example – once the data’s been taken, it’s an irreversible action.

And if it occurs because a solution you provide wasn’t set up correctly or hadn’t been kept up to date, the legal, reputational and financial consequences for your organisation – particularly under the imminent GDPR regulations – would be severe.

But regular insight into the status of your security solutions and how they have (or haven’t) been applied can wrongfoot the risk before it trips you up.

A healthier situation all round.