An important aspect of network management and potentially the most unpredictable is information security. As the name implies, information security is concerned with monitoring and controlling access to data on a network. This in itself is a daunting task, but companies with a web presence can be even more vulnerable to security breeches.
According to an April 2007, PC World article, eight out of ten web sites contain common flaws that could allow attackers to access networks and steal customer data, create phishing exploits or craft a variety of other attacks. In fact, network security analysis company, WhiteHat, says that 30% of analyzed computer sites contain an urgent vulnerability, such as one that allows direct access to company databases with customer information.
On a positive note, WhiteHat also reports that a type of database vulnerability allowing SQL injection attacks is becoming less common. Fewer than one out of five sites contain this type of vulnerability, but a successful incident can give a sophisticated attacker access to everything in a company’s database. Still, overall WhiteHat’s reporting echoes an increasingly common theme, which is that web-based attacks are growing in prevalence and have grown considerably in the last two years. As web programming grows more sophisticated and complex, allowing for desktop-like applications, it also becomes even more vulnerable. So what is the problem?
Recent Comments