An organisation could have potentially have hundreds of security vulnerabilities and weaknesses at any one moment in time. This post is a list of the top 10 most common Infrastructure security weaknesses and potentially exploitable vulnerabilities affecting the average company.
10) Patch management procedures are lacking
9) Non IT users with admin rights
8) Admin account used for day to day activities
7) Server room: Physical controls lacking
6) Servers with public facing IP without necessity
5) Offsite server backups not secured or do not exist
4) Disaster Recovery plan does not exist or is outdated
3) Server logs are not reviewed or not reviewed regularly
2) Scans for critical data not occurring – unauthorized access and unsecured data
1) Vulnerability scans not occurring on servers or Internet facing resources
Do you know if you are safeguarding against these potential weaknesses?