Earlier this week, Brian Prince over at Security Week posted an article on a subject that we’ve always been passionate about here at eEye, now BeyondTrust, Research – and that’s configuration. More specifically, the incredible impact that smart, effective configuration can have on reducing attack surface for any size organization.
From Brian’s article, I agree with the obvious point that, “…practically by definition, [configuration errors] happen because of poor configuration management…”. Despite the glaringly conspicuous causality concerning configuration complications, the problem is no doubt a large one. Configuration gaffes lead to data breaches time and time again, allowing nefarious ne-er dowells to waltz into your database and grab your customer, patient, employee, etc., data. It’s the best example of “an ounce of prevention is worth a pound of cure” in IT security.
This article highlights the reason why we invested the time and resources to develop the In Configuration We Trust toolset, which includes a free scanner and original research into the topic. You can access the toolset here; give it a try, the data on your machine will thank you.
You can find Brian’s article – Configuration Mistakes Make for Costly Security Gaps, here.