New Software…Look Before you Install…and After!

Security problems with newly installed applications.

Did you ever wonder what happens AFTER you successfully install a new software application on your server? From a pure IT standpoint, the job is pretty much done when the user begins to input data and use the app. For security personnel, it’s a different story. Installing new application software can create all sorts of new vulnerabilities. Even software from large developers can open ports, run extraneous services and broadcast sensitive information. This goes double for smaller developers or niche applications. We’ve had several experiences with this at our accounts, our monthly external vulnerability scans would show nothing for several cycles, then suddenly three red marks would show up. Invariably, the warnings were traced to the addition of a new application, or an upgrade of an existing one. So, if you don’t do vulnerability scans on your network regularly (and you know who you are), at least do one before a major upgrade or install, then do another immediately afterwards, to see what changes. You might be surprised, but better you than your boss!

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish