Lately, we’ve seen a lot of news reports about databases inadvertently being exposed on the internet as a result of servers that are not configured correctly. This exposed data can include private information such as insurance records, photos or even veteran combat injuries.
Why is This Happening?
With so many incidents like these, it makes us wonder: Why is it so hard for companies to configure their servers correctly?
Panorays Head of Research Elad Shapira offered six possible reasons:
1. Legacy servers. These types of servers are sometimes difficult to update. In some cases, they cannot be shut down for maintenance for a significant amount of time because doing so will interrupt operations.
2. Patch/update verification. Frequently, companies need to verify that a patch or update will not break existing operations, which may take months. This delay can lead to cyber gaps remaining open.
3. Lack of visibility. Companies often are simply not aware of security issues that might be present in a particular server.
4. Too many technologies. Companies are sometimes overwhelmed with an abundance of systems and updates. These companies lack the right solution for maintenance and upgrading.
5. Too many assets. Often companies cannot keep track of all of the assets that they own. As a result, some large companies can have thousands of unknown exposed digital assets.
6. Difficulty with patching. At times, patches can only be performed by the vendor or the technology provider. This results in having one more barrier to immediate updates.
How Can It Be Prevented?
There are several steps that companies should take to make sure that their data is not exposed.
1. Uncover assets. Identifying a company’s publicly accessible assets or attack surface is a crucial step. Using a solution like Panorays, companies can automatically discover the entire attack surface, including domains, subdomains and IP addresses.
2. Continuously monitor. It’s important for companies to continuously monitor their digital perimeter, so that they can be alerted when there is a change in security level.
3. Check data leaks. Companies should keep track of any data leaks that have been uncovered and check to see if any are third-party suppliers of the company.
4. Employee awareness. To limit the amount of company data exposed on the internet, employees should be cautioned to avoid using their company email addresses for personal usage and/or registration on websites.
5. Threat intelligence solution. It’s important for companies to use a cybersecurity solution that will monitor paste bins, hacker forums and the dark web. Doing so can help uncover whether companies are being targeted.
Want to learn more about how you can avoid misconfigured servers? Contact Panorays today.