Securing Enterprise Networks with Port-Based Network Access Control

One of the biggest threats facing enterprises are outsiders plugging directly into an Ethernet port and being granted instant, unauthenticated access to the network. This threat is especially common in hospitals where there is heavy use of computer systems mixed with untrusted outsiders roaming the halls. Shutting down unused ports is the traditional mitigation. Still[…]

Differentiating Penetration Tests, Vulnerability Scans, and Risk Assessments

Penetration testing has become another hot, and often misused term in the marketplace, joining the ranks of other buzz words such as “Cybersecurity”, “Hacker” and “The Cloud”. Often times, organizations confuse penetration testing with vulnerability scans or security posture assessments (a.k.a risk assessment). While penetration testing does include utilizing vulnerability scans and overlaps with security[…]

Are Penetration Tests Worth the Risk?

I have had several conversations with executives recently about the role of penetration testing and whether or not penetration testing is worth the risk? There seems to be two schools of thought on this issue. One side argues that pen testing is inherently more risky than the risk it’s trying to mitigate, the other side calls[…]

AppLocker: An Alternative to Anti-Virus

Last week I had a fun IT security conversation with a client where we kicked around the idea of how we’d harden an enterprise environment so that anti-virus software wasn’t necessary. (These conversations are why I love IT Audit!) While there are multiple solutions that would need to be in place to go anti-virus free, the[…]

Block Unwanted Internet Traffic with a HOSTS File

One of the most common questions I am asked by my less-than-tech-savvy friends and colleagues  is “How do you keep your computer from getting viruses?” In reality, there are a lot of things you can do to avoid getting computer viruses. Perhaps the most effective is educating yourself about how viruses are actually spread and changing your browsing[…]

Network Security: Chinese Hackers, Google, and the NSA

It is a good idea to have a few anecdotes in your back pocket to put I.T. Security and the importance of I.T. Audit into context. This article by Shane Harris is a great place to start when it comes to understanding the depth and breadth of Chinese Hacking and protecting your company’s and your client’s data.[…]

Your Home Router Could Be Vulnerable

A major vulnerability in the Belkin n750 router could allow hackers to activate the guest network functionality and join your network without any authentication requirements. How to fix the vulnerability Fortnuately, Belkin has already patched the issue so the only thing you need to do to solve the problem if you own a Belkin n750 is update the[…]

What is a Stateful Firewall

Stateful refers to the “state” of the connection between the outside internet and the internal network. A stateful firewall keeps track of the connections in a session table. When a packet comes in, it is checked against the session table for a match. If a match is made, the traffic is allowed to pass on[…]