, Singapore (PressExposure) April 24, 2009 -- Poor network management and basic security vulnerability oversights are leaving organisations open to security attacks, compliance breaches and operational downtime.
This is one of the key findings in the Network Barometer Report launched today by Dimension Data, the $4.5 billion IT solutions and services provider. Datacraft is a wholly owned subsidiary of Dimension Data. The Report presents the aggregate data from 152 Secure Network Infrastructure Assessments (SNIAs) conducted by Dimension Data for organisations around the world during 2008, and provides an overview of networksâ configuration, security vulnerabilities and device life-cycle status.
The results provide a revealing view into networks and their common problems, errors and obstacles to success:
â¢ 73% of deployed IOS versions have known security vulnerabilities. â¢ There is an average of 15 security best practice configuration errors per device deployed, despite widely published and recommended standards. â¢ 43% of all equipment reviewed has entered the end-of-life cycle, and of this group, 56% is either beyond end-of-software maintenance or last-day-of-support.
Security vulnerabilities According to the Report, 73% of networking devices have known security vulnerabilities which expose a business to both external and internal security attacks and breaches, and which could have significant implications for regulatory compliance.
Dexter Wee, General Manager, Network Integration of Datacraft Asia says, âOrganisations are running with vulnerabilities theyâre probably not aware of. The results also indicate that thereâs a lack of process to remediate these vulnerabilities.â
And thatâs not all. For many sectors, non-compliance can result in considerable penalties. For example, merchants may be excluded from the credit card companies that their business transactions rely on. This means data leaks and compliance failures, along with natural disasters and market crashes, are issues which should rank high on executivesâ risk list.
Configuration errors The research also showed that an average of 15 security configuration errors were found per device deployed â despite widely published and recommended standards.
âThese results are astounding,â says Wee. âThe most basic protection measures against threats which could harm an organisation, such as access and password configurations, are simply not in place. Itâs the functional equivalent to leaving the doors and windows unlocked when you leave home,â he explains.
End of Life cycle The Report also reveals that 43% of all equipment reviewed had entered the first end-of-life cycle stage, and of that group, 56% was beyond either end-of-software maintenance or last-day-of-support. Ageing IT and network assets, depending on their functions, will become increasingly unsupportable and open to risk, leaving the organisation exposed to potential availability and mean-time-to-repair risks. Additional commercial implications arise when an end-of-life device fails and must be replaced. Businesses may then have to buy expensive technology in compressed timeframes, without the customary due diligence which ought to be applied in such procurement decisions.
âToday, organisations depend on the functionality, availability and successful management of their IT networks. Indeed, many companies would simply not function without the technologies that enable their business processes,â says Wee. âGiven this dependency, the basics of keeping networks running and âready for businessâ should be a priority for most organisations.â
âAs such, rigorous network asset planning is crucial in working out a roadmap of which technology requires replacing down the line. This can realise cost savings, streamline processes and improve productivity â all competitive advantages that are critical to organisations in the current economic climate.â
For more information on the Dimension Data Network Barometer Report go to [http://www.datacraft-asia.com/networkbarometer].
*PSIRT = APSIRT is a software vulnerability that has been identified by Ciscoâs Product Security Incident Response Team
About Datacraft Datacraft is a wholly owned subsidiary of Dimension Data plc (LSE:DDT), a US$4.5 billion leading global IT solutions and services provider. Datacraft operates in over 50 offices across 13 Asia Pacific countries. We help clients plan, build, support, manage, improve and innovate their IT infrastructures. Datacraft combines an expertise in networking, security, data centre, storage, Microsoft solutions and contact centre technologies, with advanced skills in consulting, integration, training and managed services to craft IT solutions for businesses. For more information, please visit http://www.datacraft-asia.com.
About the Dimension Data Network Barometer Report The Network Barometer Report presents the aggregate data from 152 Secure Network Infrastructure Assessments (SNIAs) conducted by Dimension Data for organisations around the world during 2008. The Report provides an overview of networksâ configuration, security vulnerabilities, and device life-cycle status. The Report is available for download from [http://www.datacraft-asia.com/networkbarometer].