Information Security in the Office (pt.3)

This is part 3 of a short series looking at information security in the office – here are links to part 1 and 2.

Information Security in the Office (pt.1) The Printer is the Issue

Information Security in the Office (pt.2) Forgotten Technology

Today we are going to look at infrastructure.

Information security through reliable infrastructure

I did not plan it, but it is a happy coincidence that this article is being published in the same week as Microsoft’s Patch Tuesday for September. The computers your organisation owns or uses (BYOD*) are the most basic elements in your infrastructure – if you do not have a system in place that tracks their updating and security patching then you have a hole in your cyber security. This applies equally to Apple computers and Linux machines.

End-of-Life and information security

If products are no longer supported by a software or hardware vendor, then you should not be using them in your infrastructure. The obvious example is D-Link refusing to fix several major flaws in what appears to the user to be a working router, but one that D-Link no longer manufactures or supports (Toulas 2024), to the more subtle announcement that an older version of Windows 11 will no longer be supported by Microsoft (Gatlan 2024).

Keep a Record

Details like this are something that an IT and Cyber Security Audit will show up and should be a part of your organisation’s cyber security record keeping.

Next

I have more to say about infrastructure and information security.

Clive Catton MSc (Cyber Security) – by-line and other articles

* Not sure what BYOD means or what impact it has on your organisation’s cyber security? Then tune in next week.

References

Toulas, Bill. 2024. “D-Link says it is not fixing four RCE flaws in DIR-846W routers.” BleepingComputer, September 3. https://www.bleepingcomputer.com/news/security/d-link-says-it-is-not-fixing-four-rce-flaws-in-dir-846w-routers/

Gatlan, Sergiu. 2024. “Microsoft to start force-upgrading Windows 22H2 systems next month.” BleepingComputer, September 10. https://www.bleepingcomputer.com/news/microsoft/microsoft-to-start-force-upgrading-windows-22h2-systems-next-month/

Further Reading

Photo by Daniel Dan