Issues to look out for during the holiday season
During the Christmas period, companies are at higher risk of having one or more employees copy copyrighted material onto their network. This can happen for a number of reasons. With multiple administrators possibly on holiday, employees may assume that security is more lax than usual and take greater risks, figuring they can copy or download illegal material without getting caught.
At Christmas time a lot of people buy presents for each other. In the tech industry especially, but in other industries too, a good number of these presents are likely to be electronic gadgets that can copy and carry a good deal of data, such as mp3 players, portable video players, cameras, and portable storage. Eager to try these devices out, employees are likely to bring them to work.
Spam and social engineering emails are also a possible source of piracy. Illegal software vendors might try selling illegal copies of software at low prices, portraying the low price as a big Christmas discount to make the deal seem more legitimate.
Before leaving for the Christmas holidays, it is essential to ensure that any computers which will be left running have strong passwords. During the Christmas holidays machines are more likely to suffer attacks.
Malicious persons will likely be on holiday as well, thus having more time on their hands to perform targeted attacks.
Attackers will figure that security is probably quite lax, as administrators go on holiday too. This would be the perfect time to run brute force attacks, which are not likely to be detected or acted upon until after the new year, leaving plenty of time to cover tracks and establish a foothold on the hacked machine.
As administrators take holidays, there are numerous aspects that have to be considered and secured. The security of the network must still be handled efficiently, even with a decreased administrator-to-user ratio or, in some cases, complete administrator absence.
Automatic updates. During the holiday season, viruses and malware are more likely to be on the rise as virus writers take a break from their respective workplaces and find themselves with more free time. It is therefore essential that, in the administrators' absence, antivirus products continue running, scanning the network and updating themselves with the latest virus definition files.
As administrators are away from work, or a small percentage of administrators are left to cope with a large workload, systems must be in place to automatically monitor the network and alert administrators when things go wrong. During the holiday season it is essential that such tools support notifications not only through email but also through mobile technologies such as SMS. This is crucial because email checking might suffer, as people tend to be more socially active during this time of the year.
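The brute force scenario and the alerting requirement described above can be combined in a small log monitor. The following is an added example, not part of the original article: it scans OpenSSH-style log lines (constructed sample data), raises an email-level alert on a burst of failed logins from one address, and escalates to SMS when a login from that address later succeeds. The function name, threshold, window, assumed year and the "email"/"sms" channel labels are illustrative assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in OpenSSH syslog format (not from a real system).
SAMPLE_LOG = """\
Dec 25 03:14:01 srv1 sshd[811]: Failed password for root from 203.0.113.5 port 40112 ssh2
Dec 25 03:14:03 srv1 sshd[811]: Failed password for root from 203.0.113.5 port 40113 ssh2
Dec 25 03:14:05 srv1 sshd[812]: Failed password for invalid user admin from 203.0.113.5 port 40114 ssh2
Dec 25 03:14:09 srv1 sshd[813]: Failed password for invalid user test from 203.0.113.5 port 40115 ssh2
Dec 25 03:14:12 srv1 sshd[814]: Failed password for root from 203.0.113.5 port 40116 ssh2
Dec 25 03:20:30 srv1 sshd[820]: Accepted password for root from 203.0.113.5 port 40190 ssh2
Dec 25 09:02:44 srv1 sshd[901]: Failed password for alice from 198.51.100.7 port 51822 ssh2
Dec 25 09:03:10 srv1 sshd[902]: Accepted password for alice from 198.51.100.7 port 51830 ssh2
"""

PREFIX = r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
FAILED = re.compile(PREFIX + r"Failed password for (?:invalid user )?(\S+) from (\S+) port")
ACCEPTED = re.compile(PREFIX + r"Accepted \S+ for (\S+) from (\S+) port")

def detect(log_text, year=2024, threshold=5, window=timedelta(minutes=1)):
    """Return (channel, source_ip, message) alerts; syslog omits the year, so it is assumed."""
    recent = defaultdict(deque)  # source IP -> timestamps of failures inside the window
    flagged = set()              # source IPs that already triggered a burst alert
    alerts = []
    for line in log_text.splitlines():
        failed, ok = FAILED.match(line), ACCEPTED.match(line)
        m = failed or ok
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        user, ip = m.group(2), m.group(3)
        if failed:
            q = recent[ip]
            q.append(ts)
            while ts - q[0] > window:  # drop failures older than the sliding window
                q.popleft()
            if len(q) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append(("email", ip, f"{len(q)} failed logins within {window}"))
        elif ip in flagged:
            # A success after a burst suggests the guessing worked: page someone.
            alerts.append(("sms", ip, f"login as {user} succeeded after brute-force burst"))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The single failed attempt by `alice` followed by a successful login stays below the threshold and produces no alert, which keeps ordinary typos from paging an on-call administrator.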
As companies shut down for the Christmas period, it is essential that not only the personnel go on shutdown but also the non-essential services.
Wireless is one such service: unless it is really needed during a company shutdown, it should be switched off. Wireless is a favorite attack vector as it gives a direct opportunity to gain access to the internal network infrastructure without having to physically break into the company building itself. As an example, the technology allows an attacker to park a car next to the company building and use wireless technology and software to sniff out communication packets, and possibly also exploit weak passwords to gain access to operating environments susceptible to man-in-the-middle attacks, such as shares, unpatched operating systems and more. When not needed, especially during a Christmas shutdown, wireless should strictly be turned off.
Besides wireless, any services and servers which are not required during the Christmas shutdown should also be disabled. This will ensure that, if the organization is targeted, hackers will have the minimum number of attack vectors available to them.
During the Christmas period there are generally fewer people at workplaces, because most are enjoying the Christmas holidays. In such a situation, insiders with bad intent might feel safer trying to access restricted information and might consider acting during this quiet period. It is therefore imperative to ensure that critical servers holding crucial information are physically secure. Administrators should ensure server rooms are securely locked before leaving for the holidays. The same goes for network switches, wireless equipment and any other device which might provide an entry point to secure networks.
Administrator computers should be considered critical computers which need to be physically secured just like servers. Furthermore, hard disk content should be encrypted. If hard disk content is left unencrypted and the login procedure is the only protection, people with ill intent who have access to the administrator computer could easily extract the hard disk, connect it to another computer and possibly copy passwords or implant trojans and sniffers to allow easier future network penetration.