Of course, you’re thinking about threats when configuring your organization’s IT infrastructure. There’s the risk of complete failure, not to mention compromised data. Both extended, sudden downtime and data breaches can be devastating, with long-lasting consequences. However, it’s often the small and hidden threats that end up becoming bigger problems.
Identifying these risks early on allows you to devise and implement a plan. And everyone knows you can’t proactively address hazards you can’t see or anticipate. You can only react, which may be insufficient. Let’s look at three hidden risks in your IT infrastructure and ways to address them.
1. Recently Discovered Software Vulnerabilities
Yep, most of us are familiar with security patches. They’re part of operating system and software update releases. While these updates are less disruptive and more automated than they used to be, they take some time to develop. A software developer has to first discover the flaw in the application and come up with a fix. There may also be a testing window to ensure the patch works before an official release.
When patches are available for software vulnerabilities, the solution is easy. All you have to do is install the update and relaunch the app. But what about recently discovered software flaws without an available update? These are called zero-day vulnerabilities: risks a developer hasn’t yet had time to fix. What makes these threats even more dangerous is that anti-malware and antivirus scanners can’t detect them.
It’s because the bad guys know the potential exploits exist and developers have just clued in. Yet, the community at large, including anti-malware programs, is still in the dark. The way to prevent malicious actors from taking advantage of these vulnerabilities is through allowlisting and ringfencing.
With allowlisting, your team determines which apps, scripts, and libraries are allowed. Anything else is blocked. Ringfencing stops permitted applications from touching the registry, protected files, and internet-based configurations. This method also prevents interactions with built-in operating system tools like PowerShell. Both ringfencing and allowlisting can prevent attacks via zero-day vulnerabilities from advancing.
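A minimal model of the two controls described above, as an added example (not from the original article or from any vendor's product): a default-deny allowlist keyed by SHA-256 hash, plus per-application ringfence rules. The policy format, function names, paths, and sample binaries are hypothetical and constructed for illustration.

```python
import hashlib
import ntpath  # Windows path rules, usable on any OS
from dataclasses import dataclass

# Constructed byte strings standing in for executable files on disk.
OFFICE_APP = b"constructed sample: approved office app v1"
BACKUP_TOOL = b"constructed sample: approved backup tool v1"
UNKNOWN_BIN = b"constructed sample: never-reviewed binary"

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

@dataclass(frozen=True)
class Ringfence:
    """What an allowed app may touch; anything not listed is denied."""
    may_spawn: frozenset = frozenset()   # child processes, e.g. powershell.exe
    may_write: tuple = ()                # writable directory prefixes
    may_edit_registry: bool = False
    may_use_network: bool = False

# Hypothetical policy: hash of an approved binary -> its ringfence.
POLICY = {
    sha256(OFFICE_APP): Ringfence(may_write=("C:\\Users\\alice\\Documents\\",)),
    sha256(BACKUP_TOOL): Ringfence(may_write=("D:\\Backups\\",),
                                   may_use_network=True),
}

def may_execute(binary: bytes) -> bool:
    """Allowlisting: run only binaries whose hash is in the policy."""
    return sha256(binary) in POLICY

def may_perform(binary: bytes, action: str, target: str = "") -> bool:
    """Ringfencing: limit what an already-allowed binary can do."""
    fence = POLICY.get(sha256(binary))
    if fence is None:
        return False                     # not allowlisted, nothing permitted
    if action == "spawn":
        return ntpath.basename(target).lower() in fence.may_spawn
    if action == "write":
        # Normalize first so "..\\" segments cannot escape an allowed folder.
        path = ntpath.normpath(target).lower()
        return any(path.startswith(p.lower()) for p in fence.may_write)
    if action == "registry":
        return fence.may_edit_registry
    if action == "network":
        return fence.may_use_network
    return False                         # unknown action kinds are denied
```

Because the allowlist is keyed by content hash, a modified copy of an approved binary is treated as unknown, and an approved app that is exploited still cannot launch PowerShell or write outside its own folders.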
2. Supply Chain Software
Do you share apps with vendors in your supply chain? Maybe you’ve allowed access to your software and systems? Examples include giving a vendor a VPN login and administrative privileges to a web-based application. Although this creates conveniences for those your organization partners with, it also leads to hidden risks.
The 2013 Target data breach is an infamous example of how granting third-party access can lead to dire consequences. In this scenario, an HVAC vendor wasn’t following standard IT security protocols. Simultaneously, the retail giant was overlooking warnings from its own anti-intrusion software. Unfortunately, approximately 40 million consumer credit and debit card accounts were compromised due to the breach.
The breach is a case study in the importance of thoroughly vetting vendors, including their security practices. It’s also a lesson in how critical it is to implement internal monitoring systems and listen to their warnings. As supply chain partnerships become more integrated, complex, and multifaceted, the hidden risks will only multiply.
Establishing guardrails comes down to scanning all software for vulnerabilities. Software developed from open-source and reused code is especially susceptible to attacks. The more common something is, the more readily it’s studied and deconstructed by those looking for an opportunity to exploit it. Continuous monitoring, granting access based on job level/duties, and establishing transparent communication with vendors are key.
3. Provisioning Errors
The majority of companies experience unplanned downtime, which can be highly disruptive. A study found 82% of organizations have had at least one unforeseen downtime event in a three-year period. Most have had two or more. Configuration errors and application incompatibilities within your IT infrastructure can lead to unplanned events. So can the human factor and provisioning mistakes.
Provisioning mistakes occur when you under- or over-provision. It means you’ve found yourself in one of two scenarios. You could have insufficient hardware and software for your company’s IT needs, putting unnecessary strain on the systems. Alternatively, you might have too much, so the infrastructure is simply too complex for the job.
Both situations cause performance problems, such as unplanned outages. Unplanned downtime means people in your organization can’t work or serve your clients’ needs. People may forgive one outage if your company is back online in less than an hour. However, you can’t count on it. There will always be the risk of someone who doesn’t forget and has crucial, life-threatening needs.
The medical community is a prime example of this. Outages are certainly more than minor inconveniences. Preventing downtime due to provisioning errors starts with a proper assessment. It doesn’t hurt to ask for outside expertise in the planning of your infrastructure, whether it’s a new build or an upgrade. And if you’re replacing pieces at a time, ensure there’s enough research and testing for compatibility.
Managing Your IT Infrastructure’s Hidden Risks
Technology is a business asset with constantly evolving risks. Hardly any organization can go without IT infrastructure, but having it also creates vulnerabilities. Your company has data and other networked resources malicious actors believe are valuable. In most cases, they’re not launching cyber attacks for fun. They’re doing it for profit.
Your team can defend your organization by addressing the less-than-obvious threats within your infrastructure. These include exploitable software flaws for which there aren’t security patches, as well as provisioning missteps. Monitoring and addressing under-the-radar threats can stop them from becoming blatant, widespread disasters. The key is to not become complacent just because you can’t see them unfolding now.