Solved

potential Security Risks

Posted on 2014-04-01
6
326 Views
Last Modified: 2014-04-07
i need some potential Security Risks which i can add to our Risk Register. pls forward me your ideas and recommendations,thank you!
0
Comment
Question by:DukewillNukem
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 54

Expert Comment

by:McKnife
ID: 39969246
It would be kind of helpful to see what is already in there (complete list) to get an idea of where you are heading.
0
 

Author Comment

by:DukewillNukem
ID: 39969322
risk: Security breaches due to unauthorized use of private devices is one.
solution: Provide secure alternatives like RSA,Citrix and Good technology

risk:Lack of Firmwide document retention standard
solution: Create guidelines on documents which are marked to be deleted or passed the retention period


stuff like that.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39972080
Have a look at my artilces
http://www.experts-exchange.com/members/richrumble.html
click ->Articles Published at the top.
Lot's of risks there to think/read about.

Now matter where I go for an engagement I always see some of these issues:
Insufficient backup's, Users are Local Admins, no patch management, default configurations being used, no password auditing, default passwords being used, clear-text protocols containing passwords, no pentesting being done, coding best practices ignored (lack of SDLC), no security awareness efforts, no log management, insufficient logging levels, no egress filtering... and on and on...
Lack of policies and procedures is another. If your company needs to be PCI or SOX compliant, then you can check off 90% of those requirements as not being done.
-rich
0
Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

 

Author Comment

by:DukewillNukem
ID: 39972152
great! thats what im looking for,i will read thru it and let you know
0
 

Author Comment

by:DukewillNukem
ID: 39977849
but i need Infos like Gartner which list the current threats and risks for an enterprise,especially lawfirms
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 39977920
The current threats haven't changed much... I'd suggest you read the Verizon/Microsoft reports and the OWASP top 10. Every year the threats are the same, they just switch places...
https://www.owasp.org/index.php/Top_10_2013-Top_10
http://www.verizonenterprise.com/DBIR/2013/
http://www.microsoft.com/security/sir/archive/default.aspx
https://www.sophos.com/en-us/threat-center/security-threat-report.aspx

Basically search for "threat report" or "risk report" maybe "enterprise risk report".
-rich
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Smart phones, smart watches, Bluetooth-connected devices—the IoT is all around us. In this article, we take a look at the security implications of our highly connected world.
Do you know what to look for when considering cloud computing? Should you hire someone or try to do it yourself? I'll be covering these questions and looking at the best options for you and your business.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question