Reducing Your Attack Footprint
- Written by: Dave Nelson
A best practice that appears to be overlooked in many organizations is that of reducing your attack footprint. During recent audits, we’ve discovered that organizations large and small are leaving themselves unnecessarily open to a security breach. Hackers are like rock climbers. They only need a series of small cracks within reach of the each other in order to make it to the summit.
Leaving unnecessary services running on a server, not locking down internal resources and allowing egress traffic with no filtering all increase your attack footprint. It makes you easier to find, grab hold of and allows for a hacker to continually climb your infrastructure without falling off or having no other way to advance.
Take time to shore up these little areas and you can actually drop the risk of a security breach by a significant amount. Not everything related to security has to be expensive or complex. Sometimes it’s just closing up a few small gaps that makes the next ledge just a bit too far of a leap for a hacker’s comfort.