Protecting your business from the Shellshock bug
The Shellshock vulnerability is a wake-up call about the importance of regularly scheduled scanning for businesses of all sizes.
We are fortunate at Bank of the West because we have no evidence that our systems have been directly affected by Shellshock. We are continuously evaluating our systems to protect against potential threats, including the Shellshock vulnerability, and software patches are applied as they become available. In the case of Shellshock, the Bank has also implemented other controls that we keep confidential.
Quick background: Shellshock is a vulnerability in Unix-based systems, including Mac OS X and Linux, that, if left unpatched, could allow hackers to remotely execute commands and potentially take over an operating system, access confidential data, or set the stage for future attacks. Apple has a customer support site with information and updates related to vulnerabilities, including Shellshock.
A simple step to help your business
For businesses, this latest issue should prompt a discussion about network security and best practices for keeping a company’s systems as safe as possible. I say “as safe as possible” because, as we see almost every week, 100% protection of systems is nearly impossible.
One easy step every business can take is routine vulnerability scanning. A vulnerability scan essentially tries to find points in your computer network and systems that criminals and hackers may be able to exploit. Vulnerability scanning software can be downloaded from the Internet. There are versions for sale, and there are good free versions. For starters, take a look at tech writer Eric Geier’s piece earlier this year on Networkworld.com on “6 Free Network Vulnerability Scanners.”
Benefits of regular scanning
Vulnerability scanning won’t solve all your problems, but it can serve two important functions to help protect a business.
1) Patches. Regular vulnerability scans — say, monthly — may help ensure that your business is aware of the latest patches and vulnerability fixes for all the software and operating systems being used by the business. Scanning software can flag out-of-date software that needs to be patched or updated. This is a key function of vulnerability scanning software.
2) Network weaknesses. In addition to software updates, vulnerability scans may identify other weaknesses in a network, such as a flawed network configuration or a weakness in network authentication processes.
Keeping a network secure can be a big task sometimes. As your business uses more and more software, protecting your systems may become even more complicated. Running a regularly scheduled vulnerability scan is a relatively easy step to reduce risk and help protect your business and your customers.