The top eight computer security weaknesses highlighted in the report include:
- a failure to keep software security up to date;
- a lack of protection from SQL injection;
- the use of unnecessary services;
- poor decommissioning of old software and services;
- the insecure storage of passwords;
- failure to encrypt online communications;
- poorly designed networks processing data in inappropriate areas; and
- the continued use of default credentials including passwords.
You can read the full report at http://ico.org.uk/news/latest_news/2014/~/media/documents/library/Data_Protection/Research_and_reports/protecting-personal-data-in-online-services-learning-from-the-mistakes-of-others.pdf
The report is not aimed at IT professionals and is an easy read, highlighting the most common errors organisations make with some good examples.