The word cyberattack has virtually become a household term thanks in part to high-profile attacks in recent years. Mention a company name like Equifax or Ashley Madison and it will likely conjure up very different thoughts than they would have just a few short years ago. These type attacks have impacted millions of consumers and businesses forcing the need (and responsibility) to protect your important data.
A vulnerability scan is a technique used to identify security weaknesses in a computer system. Security weaknesses are what cybercriminals look for to gain unauthorized access to a network resulting in…. you guessed it, a cyberattack. I could get all technical and start talking about ports, patches, and the Heartbleed bug, but similar to my other blogs my intention is to bring awareness to these terms in a non-technical way.
A vulnerability scan is performed using software which upon completion produces a report that lists out found vulnerabilities and (depending on the software) will give an indication of the severity of the vulnerability and basic remediation steps. Performing these scans with routine is a widely recognized security best practice among large corporations, however, small and medium-sized businesses often believe they don’t have the resources or the budget for this security technology. You should know there are free scanners available, as well as, free trial software which can be used to test your network. Although there are free options, it is relatively inexpensive to pay a professional to perform one for you.
I’ll leave you with this final thought. Since there is free software available to scan for vulnerabilities, what do you think “the bad guys” are doing with it? You guessed it, using it to find companies who have obvious vulnerabilities they can exploit. This brings to mind a well-known saying: “You don’t have to run faster than the bear to get away. You just have to run faster than the guy next to you”. You don’t need to have the best security, just don’t have the worst.
Next up: What is pen testing?
Click here for our previous post, “What is a Hosted PBX?”
Whether we like it or not: cybersecurity can’t be an afterthoughts and can’t be addressed with just traditional ad hoc and limited point solutions.