What Can a Security Misconfiguration Lead to?

Something as simple as a security misconfiguration – a toggle not clicked on, a shared password – can have damning consequences for your organization and hurt all your web applications. The cost of the average breach is about 4 million dollars, and most of them can be avoided.

In this post, we’re going to tell you what security misconfigurations are, what kind of impact they can have on your business, and what red flags – within your organization – you have to be on the lookout for.

What is a security misconfiguration?

A security misconfiguration is a situation in which the system has been configured in such a way that it can be compromised by an attacker.

An example of this would be when an organization sets up its firewall to allow traffic from the Internet, but not traffic from the inside network. This configuration would allow an attacker to connect to any service on the network without being detected.

As a whole, a security misconfiguration is a flaw in your system’s settings that allows unauthorized access to data. In most cases, it’s an unintentional faux pas: either an accident or an error due to a security manager’s lack of information and ignorance.

More often than not, they are the result of human error and can be difficult to detect. A security misconfiguration can be caused by an employee who accidentally exposes sensitive information or by a hacker who deliberately exploits a system’s vulnerability.

A common way hackers find security vulnerabilities is by scanning for open ports on servers and finding any that are unsecured.

Why do security misconfigurations occur?

Security misconfigurations occur when people make mistakes in configuring their security settings. These mistakes are often made due to a lack of understanding about the configuration, or because they are not paying attention to what they are doing or following the instructions properly. Some of these errors include:

  • Not changing default passwords for an account
  • Allowing users access to accounts with too many privileges
  • Leaving a laptop unattended at a coffee shop
  • Connecting with devices that have malware installed on them
  • Sharing passwords with other people

And here’s the kicker: we’re all prone to these types of errors. Let’s do an exercise together: how many passwords do you juggle daily? Or better yet, how many networks or platforms that need a password do you typically access in a day?

Did you know that the vast majority of people, simply because it’s easier, repeat their passwords across most platforms and access points? Not only that, they have incredibly simple recovery questions in place — for example, “name of your spouse?”

All of these, plus a dozen other issues, can be fixed simply by effectively configuring your current security settings.
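
Two of the errors listed above, unchanged default passwords and accounts with too many privileges, can be checked mechanically. The following is an added example, not part of the original post; the default-password list, the role policy and the account inventory are all constructed for illustration.

```python
import hashlib
import hmac

# Constructed list of factory-default passwords (assumption, not a vendor list).
DEFAULT_PASSWORDS = ["admin", "password", "changeme"]
# Hypothetical policy: the privileges each role is allowed to hold.
ROLE_POLICY = {
    "helpdesk": {"read_tickets", "reset_password"},
    "developer": {"read_repo", "write_repo"},
}
ITERATIONS = 10_000  # kept low so the sample runs quickly

def hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256 hash, as a credential store would keep it."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def make_account(user, password, role, privileges):
    """Build a constructed inventory record that stores only salt and hash."""
    salt = hashlib.sha256(user.encode()).digest()[:16]  # deterministic for the sample
    return {"user": user, "salt": salt, "pw_hash": hash_password(password, salt),
            "role": role, "privileges": set(privileges)}

def audit(accounts):
    """Return {user: [findings]} for default passwords and excess privileges."""
    findings = {}
    for acct in accounts:
        issues = []
        for candidate in DEFAULT_PASSWORDS:
            digest = hash_password(candidate, acct["salt"])
            if hmac.compare_digest(digest, acct["pw_hash"]):
                issues.append("default password still set")
                break
        # Anything held beyond the role's allowance is excess (unknown role: all of it).
        excess = acct["privileges"] - ROLE_POLICY.get(acct["role"], set())
        if excess:
            issues.append("excess privileges: " + ", ".join(sorted(excess)))
        if issues:
            findings[acct["user"]] = issues
    return findings

# Constructed sample inventory.
ACCOUNTS = [
    make_account("admin", "changeme", "developer", ["read_repo", "write_repo"]),
    make_account("alice", "T7#kq9!vLm2x", "helpdesk", ["read_tickets", "manage_db"]),
    make_account("bob", "p0Lr$8wZq1Yd", "developer", ["read_repo"]),
]

if __name__ == "__main__":
    for user, issues in audit(ACCOUNTS).items():
        print(user, "->", "; ".join(issues))
```

Running such a check on a schedule catches the “out of the box” settings and privilege creep before someone else finds them.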

What is the impact of security misconfiguration?

A study showed that more than 73% of organizations have at least one high-risk security misconfiguration: the type of setting that can expose them to attacks, leak critical data and system intel, and allow outsiders access to sensitive private services or even the main web service console.

Most of these vulnerabilities occur simply because someone wasn’t paying attention, or in most cases, because they left the network’s default – the one right “out of the box” – configuration on.

Security misconfigurations have skyrocketed

A report by IBM unveiled that security misconfigurations have gone nuclear in the past few years. Why? Because there are simply too many apps, software, and different tools and systems our workers need.

Every day there’s something new that needs access to our private systems. That report uncovered that security misconfigurations have jumped in the past 2 years by 424%.

Attackers are more sophisticated — and better funded

Today, attackers have an incredibly sophisticated business infrastructure. Long gone are the lone wolves; now it’s an army of predators – in farms and teams – preying on you.

And like all businesses, they have costs. The fact that you’ve upped your game – security-wise – means that they too need to do the same.

This means they require better tech, better employees, better methodology, and better intel-gathering strategies, and that hurts their bottom line, which demands they constantly re-invest.

And that extra cost, they pass it over – directly – to you. Today, hackers are charging 10x more than they used to for their services, either to the people that employed them to attack your system or to you through ransomware. A simple security misconfiguration can end up costing you millions of dollars.

21 days later

21 days — that’s the average downtime of a company due to a security breach. That’s 21 days in which your revenues are being compromised.

Your whole network has to be scrubbed clean of malware if you are attacked, and it may take you up to 21 days: 21 days in which you are either “re-launching” your brand and not making a dime, or working with one hand tied behind your back.

Liabilities

Today, most governments and consumers frown when a company accidentally exposes a user’s private data. In the case of governments, this may lead to hefty fines.

In the case of consumers, it may propel a class-action suit — or, at the very least, your reputation being tarnished.

How to limit the risks of security misconfigurations?

Security misconfigurations are one of the most common and dangerous issues that are faced by organizations. These security misconfigurations usually happen because of human error.

So, it is important to have a plan in place to limit the risks of such errors. And it all starts with creating a work setting where security is venerated, where it’s not seen as a hindrance or a nuisance: an environment where it is part of your company values.

There are a couple of core tweaks you can make to your security configuration, like better password protection, endpoint scanning, VPNs, etc., but unless your team is on board and willing to constantly employ them, they simply won’t be effective.