How shadow IT and obsolete software menace enterprise infrastructure
- by nlqip
Experts agree that organisations need to conduct thorough audits and risk assessments. The best defences involve tight configuration management, software bill-of-materials tracking, security awareness training, and limiting what can be installed.
“Understanding your attack surface and conducting regular external asset mapping exercises is critical,” Tim West, Director, Threat Intelligence at With Secure. “It is important to note that the answer is not just solely technological. There is a human element behind shadow IT and why it happens. Training and ensuring existing processes work for the needs of your staff is also critical.”
ImmuniWeb’s Kolochenko added: “Even experienced software developers may carelessly deploy a container, with production data, in a cloud to experiment with some new features, eventually forgetting about it, let alone non-technical users with their home computers used for business or mobile devices.”
Source link
lol
Experts agree that organisations need to conduct thorough audits and risk assessments. The best defences involve tight configuration management, software bill-of-materials tracking, security awareness training, and limiting what can be installed. “Understanding your attack surface and conducting regular external asset mapping exercises is critical,” Tim West, Director, Threat Intelligence at With Secure. “It is important…
Recent Posts
- Ivanti Says ‘Critical’ Cloud Gateway Vulnerability Seeing Exploitation
- Microsoft Edge will flag extensions causing performance issues
- Sophos CEO On How EDR Vendors, Microsoft Are ‘Rethinking’ Security After CrowdStrike Outage
- This Windows PowerShell Phish Has Scary Potential – Krebs on Security
- Unexplained ‘Noise Storms’ flood the Internet, puzzle experts