I had an odd experience the other day. I was on the phone working from my home office and I could see a man walking up to my door through my blinds. My house is currently for sale, which has increased the number of strangers knocking on my door. I figured he was going to ask about the house, so I decided to stay on my call since all of the information he would need about the house is on a sell sheet, conveniently located at the edge of the yard. I heard him knock and yell “hello” a few times, but then I thought I heard a different noise – the sound of my security screen door OPENING. I had a quick ‘no way’ moment and swiftly got up to check on the noise, terrified to discover that this strange man was … IN MY KITCHEN!
What Is My Home’s First Line of Defense?
So why am sharing this somewhat personal story? Because it made me think about the conversations I’ve had around cyber security. My screen door serves a security function. Primarily it is an access point into my house, but it is also as a first line of defense to keep unwanted or unknown people or things from entering. Obviously if the screen door is going to be effective as a first line of defense, the door must be locked. A locked door only allows those with authorized access, someone with a key, or someone that I personally allow access to, the ability to enter.
What is Your Company Network’s First Line of Defense?
This, my friends, is much like our first line of defense for our business networks: firewalls are our security screen doors. Firewalls are meant to guard/monitor the traffic that goes into and out of our networks; however, an improperly configured or unmanaged firewall will be as ineffective as my unlocked front door when it comes to keeping bad agents out.
After I escorted the stranger out of my house (who actually ended up being a curious potential buyer), I went around and locked EVERY door that anyone from the street might have access to. Wouldn’t you know it, not even ten minutes later, the same man was back at my door. He tried to walk in again, this time to ask if he could see the backyard, but his efforts were thwarted because I activated the security measure of the door – the deadbolt.
The Moral of the Story
What’s the moral of the story here? Our security is only as good as the end user. You can have processes in place, but if they aren’t being implemented they’re useless. A minor lapse in judgement can leave us vulnerable to all type of threats. Fortunately for me, my intruder was nothing worse than a person who thought it was ok to let himself into my residence. Sadly, that’s not always the case – either at home or with our computer networks. I can almost guarantee a stranger who goes into your network, will be doing more than just “looking around”.
Are you leaving unlocked doors on your network? You can assess your point-of-sale (POS) security risk with this quick Risk Assessment.