Firewall management puts UK firms at risk

Top UK corporates have cleaned up their security act but are still vulnerable because of their bad housekeeping, according to an auditor's report.

High-risk vulnerabilities have dived to 6 percent from 19 percent in 2001, according to the Fifth Annual Security Audit from NTA Monitor, which analysed more than 600 of its perimeter tests carried out for government and financial clients last year.

But at least a third of corporate networks were found to have 10 or more flaws leaving them open to attack by hackers.

The most common security risks relate to basic mistakes in firewall management and the configuration of VPN services, allowing the VPN to be located and profiled, according to Kevin Foster, strategy manager at NTA Monitor.

"A third of the companies we examined were guilty of bad security housekeeping, with unacceptable levels of basic flaws found, leaving them vulnerable to external attack. Companies seem to be getting complacent about lower-risk flaws that they previously had under control," he said.

For example, companies with low level DNS vulnerabilities jumped from 70 per cent in 2000 to 83 per cent last year, he added.

Most of the flaws detected were due to installing firewalls and VPNs with their default settings. This leaves custom-built loopholes for hackers.

Stephen Titterington, analyst at Ovum, believes that vendors should make more of an effort to persuade customers to check their configurations.

"Microsoft has gone a little way to help," he said. "In Windows 2003 the default setting is to turn it all off -- you then have to go around and turn on those services and functions that you actually need."

NTA Monitor has issued a Good Practice Guide to securing a firewall VPN which can be downloaded from its Web site.

Let the editors know what you think in the Mailroom.