HOW TO ENABLE WEB ACCESS TO BROCADE SAN SWITCH SOFTWARE
Other, less significant issues detected by the study included incorrect use of ransomware protection features, undocumented and insecure API/CLI, and vulnerability and lack of oversight in storage software supply chain management. It then input the information into a database to analyse it using various metrics. Continuity also used their technology to review the data collected and figure out what vulnerabilities existed. Part of Continuity’s methodology was to use a large knowledge base that describes possible vulnerabilities, according to Pinhas. "So, part of the problem enterprises have, in any aspect of managing IT, not just around data and storage, is to have visibility - to find out all of their assets, figure out how they are configured, to capture the configuration data, to track it overtime." It was done with our own proprietary data mapping tools," says Doron Pinhas, CTO at Continuity. “We utilised data scientists, but basically we used the collection of the raw information.
The analysis covered the configuration of block, object and IP storage systems, SAN / NAS, storage management servers, storage appliances, virtual SANs, storage network switches, data protection appliances, storage virtualisation systems, and other storage devices.Ĭontinuity Software’s automated risk detection engine was used in the research to gauge multiple misconfigurations and vulnerabilities at the storage level that could pose a security threat to enterprise data. Vulnerabilities found in range of storage techĬontinuity compiled anonymised inputs from more than 20 customer environments covering banking and financial services, transportation, healthcare, telecommunications, and other industry sectors. Insecure user management and authentication refers to a range of issues including unrecommended use of local users, use of non-individual admin accounts, not enforcing session management restrictions, and improper separation of duties/roles. Major access rights issues include a large number of devices affected by improper configuration, including unrestricted access to shared storage, unrecommended zoning and masking configuration, ability to reach storage elements from external networks, and more. More than 70 different CVEs were detected in the environments covered in the research. This leaves a large percentage of storage devices (close to 20 per cent) that are exposed. The report also said that common vulnerability management tools used by organisations do not detect many storage CVEs (Common Vulnerabilities and Exposures), but rather focus on server OS, traditional network gear, and software products. Vulnerable protocols/protocol settings also come from the use of suites such as TLS (transport layer security) 1.0 and 1.1, SSL (secure sockets layer) 2.0 and 3.0, which security experts no longer recommend. The report pointed out vulnerable protocols/protocol settings often relate to the failure to disable -or allowing the default to the use of legacy versions - of storage protocols such as SMB (Server Message Block) version 1 and NFS (Network File System) version 3. Other significant vulnerabilities related to insecure user management and authentication, and insufficient logging. The top three vulnerabilities spelled out by the report include use of vulnerable protocols or protocol settings, unaddressed CVE (common vulnerabilities and exposure) vulnerabilities, and access rights issues. Top security risks include vulnerable protocols The report also outlined 170 security principles that weren’t adequately followed by the enterprise teams. Of the 15 major vulnerabilities detected in the research, three were designated as particularly critical, carrying very high security risks. Organisations need to act immediately to better protect their storage as well as backup systems to ensure their data is secure against ransomware and other cyberattacks, Hecht said. Yet based on our analysis, the security posture of most enterprise storage systems is strikingly weak." “Security vulnerabilities and misconfigurations of storage devices present a significant threat, especially as ransomware attacks have taken hold of businesses over the past few years.
0 kommentar(er)
