How can businesses assess and mitigate the security threat of
networked devices such as printers that have operating systems
which can continually re-infect networks with malware?
Businesses affected by theeconomic downturn, suffering a
reduction in resources and anincrease in threats, need to risk
assess their vulnerabilities and think carefully about how and
where to focus their attention, writes Kate Danbury head of
Information Security Service atThe Corporate IT
Forum. Members of the Corporate IT Forum
understand that there is a broad spectrum of serious risks and
vulnerabilities to be addressed, in which networked devices
re-infecting networks is only one challenge.
Valuable data on a machine in a hostile environment is high risk
and a high priority; low-value data on a machine more susceptible
to vulnerabilities is less so and therefore slips down the priority
list. Adopting a risk-based approach allows you to look at the
business as a whole and identify real vulnerabilities, making it
more meaningful to the business and allowing for better
prioritisation of remediation resource.
Members do not disagree that the risk of
infection through networked devices exists, but there are often
more significant risks elsewhere. Security professionals working
against increased threats with reduced resource and budget must
continually assess which risks merit the most time and effort.
Most organisations have strict policies preventing unauthorised
equipment from accessing the network. All devices such as printers
have to go through an approval process. The difficult question then
is, once a device has been installed, do we check what is running
on it?
At a recent vulnerability and patch management workshop,
organisations were asked if they had experienced an issue as
described by Conficker Working Group director Rodney Joffe.
Fewer than one in ten had suffered this kind of infection, and even
when a printer was implicated the case was not proven. Members
consider
Conficker one of many issues related to multifunctional
devices, as these present a host of challenges, including storing
scanned images and allowing access to the network once attached to
a phone system. Which brings us back to priorities.
Understanding the business' risk appetite and translating this
into effective controls will pave the way to a well-maintained
vulnerability management programme, leaving security professionals
the space to react and plan defences.
Read more expert advice from the Computer Weekly Think Tank
>>