Have you see what your users are sharing up on your network? What about your server shares – are they divulging too much PII and intellectual property to any Joe Blow on the network?
Outside of mobile security (smartphone weaknesses, lack of laptop encryption, etc.) the problem of unstructured information scattered about the network is a very predictable high priority finding in any given security assessment.
The reality is you cannot secure what you don’t acknowledge. How do you know what’s in your environment just sitting there for the taking? You could very well have experienced an internal data breach and not know anything about it.
Enter GFI LANguard.
I’ve used LANguard for years to uncover open shares on networks and it works just dandy for this purpose.
Do yourself a favor and download the trial version of LANguard and run the share finder tool in your environment to see just what’s being shared out – and exposed. It’s as simple as the following:
I cannot stress enough that sensitive files readily-accessible on open shares is one of the greatest risks on your network. It’s screaming for your attention right now. So track down your open shares, set permissions on a need to know basis or remove the shares altogether, and get your arms around this beast before it grows even larger.
*I wish LANguard had the ability to filter down into open shares even further by only showing shares that are open to specific groups or users that you specify. It’s a hassle to have to manually sort through things… Hint, hint. 🙂
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”