home /

Outdated Access Control and multiple back door loopholes: The perimeter defense had poor security for access control, user authentication and a non-existent network and application-level attack protection solution. Remote locations were loosely designed with multiple methods of accessing the corporate site.

Wide Open Internet Access Policy: There is a very limited internet access policy, thus allowing users and employees to access inappropriate or unproductive content on the network. No protection against Web-based threats that utilize HTTP, FTP-based services, along with numerous rogue instant messaging and peer-to-peer (P2P) causing susceptibility to non-compliance penalties and limited control on bandwidth usage, thus driving up costs. There are several outdated software based proxy solutions that run on over the counter operating systems with known common vulnerability exploits (CVE) and lagged in performance.

Propagation of attacks occurring without proactive knowledge or assistance to impede: There is no strategy to stop the propagating threats on internal networks, thus allowing attacks that already circumvented the perimeter defenses to cause more havoc and affect more systems and the spending of countless hours on patch management.

Non compliance on electronic messaging, allowing clear text to be sent out into the wild: There is no meaningful way to ensure that transferred data was not altered and that it came from a recognized sender. They are very unsure about tampering, spoofing, and unauthorized interception of sensitive electronic mail. Their insecure messaging platform had no detection and was creating a lot of false positives in regards to spam, viruses, and content security breaches.

Wide open Web access to critical applications, due to relying on the perimeter firewall to stop application layer attacks: There was non existent of any web application protection solution for the organizations critical e-commerce and business-to-business (B2B) applications, creating poor performance, limited availability, lack of security driving an increase in the cost of ownership.

Basic password policy with limited checks and balances: A weak password policy did not allow for the organization to distinguish between intruders and legitimate users and lack of any identity management solution created an environment where user’s rights and confidential information could be compromised for embarrassment, annoyance, as well as theft of critical company data.