
Top 10 mistakes IT people in SMBs make

By David Vella

Whenever a security breach occurs or something goes wrong on the network, it is always the end-users’ fault – employees who despite receiving lengthy lectures, dozens of emails and verbal warnings continue to ignore even the most basic of security recommendations such as not leaving their passwords on a sticky note stuck to their workstation.

99% of the time this would be the case but there are occasions when an accusatory finger has to be pointed in the direction you would least expect: the IT administrator’s office.

Yes, even IT administrators can make mistakes and they do, especially in small and medium sized businesses. They are human beings after all. Unlike end-users who usually cause problems because they are not IT savvy or they just cannot understand the logic behind computer security (try asking them to leave the door to their house open), IT administrators are expected to be infallible where technology is concerned.

Unfortunately, in today’s hectic and demanding world of technology, the internet and people trying to make life hell for you, IT administrators in SMEs are ‘forced’ to do more than just sit down and monitor the network. They are responsible for nearly every piece of hardware in the company, yes, even the electric kettle; they are the de facto handymen in the building and, if that were not enough, they also have to deal with end-user issues (“I don’t have Internet connectivity…” – ‘cable not plugged in’ stories).

Too heavy a workload, little time and the pressure to meet deadlines and keep the bosses happy inevitably lead to people in IT making errors of judgment… at times serious ones too.

Here are the top 10 mistakes that I feel IT people in SMBs make and some guidelines on how they can be prevented.

Connecting systems to the Internet before hardening them. Classic mistake. Computers are not designed to be connected to the Internet straight out of the box. Before a phone line, Ethernet cable, or wireless card is anywhere near a new computer, install at least virus protection, a spyware scanner, and a program to prevent malicious software from being installed.

Connecting test systems to the Internet with default accounts/passwords. A hacker’s dream. Leaving the default accounts/passwords in place makes it all the easier for a hacker to gain access to your network. Change passwords and delete/rename default accounts immediately. Also make sure that employees do not have administrator rights on their machines… they don’t need that level of control over their computers.

Failing to update systems. Security holes exist in your operating system and no software is perfect. Once a vulnerability is found, it's usually exploited within a very short period of time. Therefore, it is imperative to install security patches as soon as possible even if it takes time to check them out in a test environment before updating.

Failure to properly authenticate callers. Giving users passwords over the phone or changing user passwords in response to telephone or personal requests when the requester is not authenticated may be the easiest way to reduce the support call tickets but it is a joy for those involved in social engineering efforts. Enforce proper authentication at all times, even if the voice is familiar.

Failing to maintain and test backups. Laziness is one of the biggest security threats, but creating proper backups is much easier than recreating the data from scratch. Backups should be made often and copies kept offsite (not in the boss’s safe).

Failure to confirm that your disaster recovery plan actually works. Okay, so you have your backups now. But do they work? Have you verified that the backups are good? Do you have a disaster recovery plan? Three ‘nos’? You’re in trouble.

Failing to implement or update virus detection software. What is the use of having virus and spyware scanners if they're not updated? Up-to-date scanners ensure that the latest malicious software is detected immediately. A regular virus scan on each machine is recommended.

Failing to educate users. Users need to know exactly what kinds of threats are out there. Uneducated computer users are often those who fall victim to viruses, spyware, and phishing attacks, all of which are designed to corrupt systems or leak personal information to a third party without the user's consent. Don’t take users for granted or trust them too much. If you have ‘end-user’ and ‘security’ policies in place, make sure all employees are aware of them and follow them.

Trying to do it all yourself. Large companies have sizeable IT departments but small business administrators should ask for advice and help if they have problems setting up their network. External help, though costly at times, ensures you’ve done the job right, first time round.


Failing to recognize ‘insider threats’. Too much trust can kill your network. Disgruntled employees and others can cause enormous problems if they're not properly monitored. IT people should monitor network activity, especially the use of portable devices such as iPods, memory sticks and others. You do not want the company’s confidential data sold by an irate employee to the competition.

More room for error than ever before!

It is ironic that with every advance in technology, the IT administrator is burdened with another task, another problem to take care of. This correlation is becoming stronger with time and it highlights the difficulties facing IT administrators who have limited budgets and no additional support in terms of HR.

The IT security scenario has also changed. Until recently, an IT administrator in a small and medium sized company was primarily concerned with viruses and spam. Today, he has to tackle viruses and spam, vulnerability management, patch management, network audits, and with compliance no longer an option, email archiving and events management. To top it all, the administrator still has to deal with a problem that he has little or no control over: human behaviour.

People are the weakest link and administrators will find themselves battling and defending against all sorts of attacks directed at human nature – overconfidence, trust, lack of knowledge and gullibility. All these will be decisive factors in how successful network security will be in the years to come.

Companies are becoming totally dependent on technology to do business better, faster and across borders. In turn, network and systems administrators will have to face greater challenges which will tax their ability to adequately protect corporate networks. Experience shows that maintaining and improving on security is never easy; hackers, malware creators, spammers, malicious insiders and other, mostly unpredictable, elements all add up to the factors which tend to give these network security professionals many a sleepless night.

However, facts and figures indicate that the challenges today and those of the future will not stem from technology itself; for in its nature technology is a neutral element that can be used either in a good or in a bad way. The biggest threat in years to come will be the same threat to businesses that has been around for the last 200,000 years – the human being. Human beings, their weaknesses, fallacies and inquisitiveness will all be exploited to wreak havoc within organizations.

So while you may have good reason to point a finger at your over-worked IT administrator, bear in mind that you and your colleagues may be the reason why he has slipped up.

David Vella is Director of Product Management at GFI