People are becoming increasingly aware of how valuable their online data is, and how easily it can be hacked (just ask South Korea!); but just because they know they’re vulnerable, doesn’t mean they know what to do next. It’s the same with our bodies – we know we can get sick but as most of us aren’t doctors, we wouldn’t know where to begin looking for illnesses; and as someone who uses the NHS symptom checker daily can tell you, you really should consult a professional. So, for our online health, this is where vulnerability scanning comes in.
What is a vulnerability scan?
The bad guys are constantly scanning for vulnerabilities in systems out there, to find out who is already open to attack. The idea of a vulnerability scan is that you find the weaknesses and fix them before they get to you. Whether it’s in your network, infrastructure, or web application, a vulnerability is normally a flaw in your code, which attackers will use to break into your system before proceeding to totally rinse you.
It’s often used as part of a two-step process along with penetration testing, during which ethical hackers try to break in using the flaws found in the vulnerability scan to help you figure out how to fix them.
Why do you need one?
Aside from letting you know where you need to reinforce your system, thereby protecting you and your customers, it can help with becoming PCI-compliant.
How does it work?
The scan digs through all your ports, processes, firewall policies and software updates and can also be performed for individual applications.
What is it looking for?
All sorts of nasties, but it’s basically stopping attacks by finding new vulnerabilities, as well as giving advice on your security, and any patches available etc. It also lets you know the types of threats and potential threats, and can even provide training materials for your business.
What should I do now?
Find a vulnerability scanning service and get testing! One option is going with your hosting provider as you know they’re happy to deal with the additional traffic that the test will bring, and you’re already integrated into their service; but the main thing is to find a company that you trust.
We’re offering free vulnerability scans for all UKFast clients through Secarma, a division of UKFast, as part of BASEfund, a £1m investment to keep businesses safe online and help them grow.
Get in touch to discuss your vulnerability scan on 0208 045 4945 or contact your account manager.