Case 1
A medium-sized supermarket receives its customers from 8 in the morning to 8 at night and has to have banking connectivity from each of the checkouts. The network grew according to the needs and there was no planning whatsoever.
In addition to the above, the wireless network had around 5 SSIDs that were used according to the position of the computers that connected to the network.
Around 8 wireless routers were discovered that were interconnected throughout the network, which produced connectivity failures in terms of the number of gateways and routes in the company, not counting the slow connection to the main server of the supermarket, where inventory outflows, income and money outflows, etc. were reported.
Tired of this disorder, they requested advice and today they have a Category 6A network, a router equipment with basic security features that support secure connections with other providers through VPN, distribution of their public IP addresses for services such as CCTV, Internet, Telephony. IP, with redundancy in communication to the Internet, which allows you to secure your banking transactions and payments with debit and credit cards.
On the other hand, the network was segmented into VLANs, improving the experience in connectivity between computers, in payments and in transactional traffic to the Internet.
A company of around 120 employees has a sufficient technological infrastructure for the development of its business.
Firewall with expired protection license.
Server on Premise, outside company security policies, off-domain and without antivirus
WEB Portal platform without maintenance, outdated and exposed.
Consequences:
Server encrypted with RANSOMWARE.
Losses of acquired product: Millions of pesos.
Human resource removed from their duties.
The case refers, first of all, to poor administrative decisions that led to the postponement of the purchase of the threat protection license for the company's firewall system.
Second, the provisioning of a server without antivirus, without operating system update policies, or web services, and remote connections for maintenance to the platform was insecure.
The publication of services to the internet that was made, was made of the entire IP protocol at the request of the information system provider
The attacker had enough time to know the type of information that the server was handling and the information of the server's network, but fortunately, he could not access another server or computer and the attack only compromised that web server.
Do you think that the company should have in its annual budget the acquisition of the firewall licensing?
Do you think that the security of an organization is an expense? Or an investment.
Is it worth risking a company's investment and not planning a cloud service deployment?
What would have happened if all the teams in the organization were victims of a RansomWare and what impact would it have had on the development of the business?