Updated: Jun 18
Vulnerabilities are a part of life.
You have them, I have them, his dog has them, her cat has them. Basically, everyone has them. Even machines and systems that we think might be so perfect and accurate, has them.
However, how we respond and react to them is what distinguishes us from the rest.
Let me share with you a piece of statistic from USA Today:
Billions of people were affected by data breaches and cyber attacks in 2018 – 765 million in the months of April, May, and June alone – with losses surpassing tens of millions of dollars, according to global digital security firm Positive Technologies.
Were you one of them?
Well, you might say no now. However, in these cases, if data security and potential breaches of security are not being actively monitored and mitigated, it’s not a question of IF, but rather WHEN.
So let me ask you:
Do you think your company system is secure? Is it immune to power outages, cyber attacks and security breaches?
One thing you need to know is that every time a computer is connected to the internet, there is a risk that a hacker is out there waiting for the next opportunity to take advantage of a new vulnerability. This needle in the cyber-haystack can then wreak havoc on networks and computers.
Most disconcerting to Decision Makers and IT Managers is the fact that they are able to worm their way into a network and steal proprietary or customer information and other data critical to the company.
This is why any company that keeps customer data (PDPA) will feel obliged to heighten and ensure the security of their systems because the risk of NOT doing is too high.
So what I am trying to say is that, all companies, big or small, has vulnerabilities.
However, how each individual company responds and reacts to their vulnerabilities is different. Some respond to it by conducting a Penetration Test, while others decide to go with a Vulnerability Scan.
So what is Vulnerability Scanning?
If there is a good place to start, it is at the beginning…with the DEFINITION.
Vulnerability Scanning is an inspection of the potential points of exploit on a computer or network to identify security weaknesses in a computer system. A vulnerability scan detects and classifies system weaknesses in computers, networks and communications equipment, and predicts the effectiveness of countermeasures.
A scan may be performed by an organization’s IT department or a Managed Service Provider (MSP). When you hire an MSP, you should expect that they will stay on top of updates, and monitor your system for any vulnerabilities on a regular basis. Even if your own IT department can conduct the vulnerability scan, it may be advantageous to hire an MSP, as comprehensive testing requires significant bandwidth and can be intensive on time and human resources, thus reducing productivity. Moreover, once vulnerabilities are detected, IT staff will have the burden of determining how to repair the vulnerability and secure the network.
Types of Vulnerability Scanning
Not all vulnerability scans are alike, and in order to ensure compliance with certain regulations, it is necessary to carry out 2 distinct types of vulnerability scans: an internal and an external vulnerability scan.
So what’s the difference?
External Vulnerability Scan
As the name suggests, an external vulnerability scan is carried out from outside an organization’s network. Its principal purpose is to detect vulnerabilities in the perimeter defenses such as open ports in the network firewall or specialized web application firewall. Hence, an external vulnerability scan can help organizations fix security issues that could enable hackers to gain access to the organization’s network.
Internal Vulnerability Scan
In contrast, an internal vulnerability scan is carried out from inside an organization’s perimeter defenses. Its purpose is to detect vulnerabilities that could be exploited by hackers who successfully penetrate the perimeter defenses, or equally by “insider threats” such as contractors or disgruntled employees who have legitimate access to parts of the network.
Unauthenticated and Authenticated Vulnerability Scans
A similar but not always identical variation of internal and external vulnerability scans is the concept of unauthenticated and authenticated vulnerability scans.
Unauthenticated scans, like external scans, search for weaknesses in the network perimeter, while authenticated scans provide vulnerability scanners with various privileged credentials, allowing them to probe the inside of the network for weak passwords, configuration issues, and misconfigured databases or applications.
Ok, so why do I need it?
Exposing our flaws and vulnerabilities can sometimes be beneficial when we are breaking down the walls of people in our lives in order to get closer to them. However, if exposing our vulnerability also means involuntarily exposing the vulnerabilities of everyone in our network, then you better build higher and more solid walls up.
1. Identify any Vulnerabilities
Vulnerability scanning lets you take a proactive approach to close any gaps and maintain strong security for your systems, data, employees, and customers. Data breaches are often the result of unpatched vulnerabilities, so identifying and eliminating these security gaps, removes that attack vector.
Therefore, periodic scanning of your network thus helps to identify vulnerabilities in the critical system that protects against outside threats. It can also help to confirm that your security tools and systems in place are the most updated version there is available.
2. Checks your System’s Configuration
Vulnerability scanning can also help identify improperly configured systems that leave a network vulnerable. We all count on our IT departments to implement new systems in a secure manner. However, sometimes, it helps to have a fresh set of eyes look at the system top to bottom, to help support your team and guard against mistakes when they look through their rose-tinted glasses.
3. Prevents Complacency
How many of you live by the saying “if it ain’t broke, don’t fix it”?
I must say that I am too a culprit of this very bad habit.
So the problem is, if your system is vulnerable, things could run smoothly until someone finds the vulnerability and exploits it. Without testing, it could be “broke” and you just don’t know it yet. An independent assessment is often a great way to check if service levels are being achieved and systems are protected in the manner described in the contract.