Vulnerability Management

Written by Carl Mazzanti
December 31, 2005
11:00 pm

Vulnerability Management

Are You Prepared for Hack Attacks?

We’ve all heard the alarming stories about security breaches at data brokers, financial organizations and high-profile retail corporations, proving that even big companies with big IT budgets aren’t immune to data pilfering. These incidents raise an unsettling question: If thieves can victimize large, resource-rich organizations, wouldn’t hacking a smaller, more vulnerable company be almost effortless by comparison?

The obvious answer is yes.

That’s why we can’t urge you enough to be more proactive about securing your data. Many of you have taken heed and had your systems assessed and fortified. Others of you haven’t — and are risking serious consequences every business day.

With so much at stake, why aren’t more companies scrambling for network protection? Here are a few reasons:

1. Lack of Resources
2. “It Can’t Happen to Me” Syndrome
3. Lack of Education on Security Threats

We want you to understand about what can happen – and what you can do to prevent it with a vulnerability management (VM) program.

The first step begins by setting clear, achievable security policies and controls. For maximum protection, VM policies should include configuration standards for firewalls, antivirus protection and other security devices, as well as servers, network services, applications and portable computers. To protect the company’s investments, you have to know what’s out there, which means inventorying and classifying all IT assets. Next is using one or more security scanning software packages to perform a thorough network scan. Network Security Specialist, Rich Anselmo, likens this to checking your home’s doors to make sure they’re locked. “Scanning is the first step in identifying where the vulnerabilities are. If you find an unsecured door, you have to lock it up.”

It’s a mistake for any size business to underestimate the skills and dogged determination of today’s cyber-criminals. They’re well-armed and intent on stealing data and wreaking havoc.

Make sure you are prepared to protect themselves.

Carl Mazzanti

Carl Mazzanti is Co-Founder and President of eMazzanti Technologies, Microsoft’s four time Partner of the Year and one of the premier IT consulting services for businesses throughout the New York metropolitan area and internationally. Carl and his company manage over 400 active accounts ranging from professional services firms to high-end global retailers.

eMazzanti is all about delivering powerful, efficient outsourced IT services, such as computer network management and troubleshooting, managed print, PCI DSS compliance, green computing, mobile workforce technology, information security, cloud computing, and business continuity and disaster recovery.

Carl Mazzanti is also a frequent business conference speaker and technology talk show guest and contributor at Microsoft-focused events, including frequent prominent roles at the Microsoft Inspire (Worldwide Partner Conference / WPC).

Carl, a serial Entrepreneur, gives back to the community through Entrepreneur teaching engagements at Georgetown University, the company’s ocean wildlife conservation effort, the Blue Project, and Tree Mazzanti.