Stuart Hodkinson, Courion's GM
Hodkinson: A quiet time is a good chance to overhaul security and authentication for your customers

New Year lull makes time for security house-keeping

Stuart Hodkinson outlines some security tasks more easily done over the holidays

Written by Stuart Hodkinson

CRN, 12 Jan 2010

Many companies shut down or drastically reduce activity over the Christmas-New Year holidays. This quiet period is a good chance to catch up on non-critical jobs that have been delayed. Some may also use the time to get ahead for the first quarter.

The lull also provides a perfect opportunity for criminals to target known vulnerabilities and lapses in end-user security and authentication management. Malware activity often peaks in December.

Due to the recession, many companies have a backlog of fully functional network access credentials from former employees waiting to be deactivated. While active, they can be exploited.

Large companies where lay-offs may have been more widely publicised are at particular risk of being targeted during quiet holiday periods. They should make more effort to maintain security measures, regardless of reduced traffic.

The lull also is an ideal time for VARs to do some tidying and tightening, such as deep-cleaning of access privileges, redundant accounts, out-of-date security tools, or tuning firewalls and other perimeter defences at client sites.

Not only do you limit the disruption to your customer, but you make the provisioning and de-provisioning workload more manageable when full-time staff return from their holidays and seasonal casuals depart.

For most companies, Q1 is a key trading period. A new year refresh of desktops and servers may add to the IT workload.

The lull is also a good time to check out automated user provisioning. Tools that automate as much of the process as possible and clearly outline who should have access to what will help minimise future workloads and disruption.

Assess, add or remove user privileges as needed. Doing this while workload is down gives you the time to do it properly, and make adjustments as people filter back into the office for the New Year.

Update all antivirus definition files, particularly on mail servers and perimeter defences. If using an external mail filtering service, update keyword filters, white lists and black lists.

This is also a good time to check that data back-up processes are working properly. Test tapes for corrupted data, evaluate access to back-up data and check what is being backed up.

Does the customer plan an OS upgrade in the new year? If so, it is important to know what devices it has and who should have access to them.

Stuart Hodkinson is UK general manager at Courion

  • Have your say
  • Send to a friend
  • Share
  • Print

reader comments

related articles

Internet

Report shows more insiders involved in cyber crime

Verizon report shows that 2009 data breaches involved insiders and organised criminals 28 Jul 2010

latest news

Ingram sales up more than a quarter in Q2

Distribution giants enjoys healthy sales growth as profits more than double 30 Jul 2010

FAST launches three-pronged attack on piracy

Organisation joins forces with Trading Standards teams in Cardiff, Southampton and the Royal Borough of Windsor and Maidenhead to stamp out illegal software use 30 Jul 2010

Avisen grows sales threefold after shopping spree

Buy-and-build firm completes integration of six acquisitions as annual revenue grows to £7.2m 30 Jul 2010

More news

analysis and reports

A study into the UK managed IT services sector
This report presents the findings of the research, within the context of the wider market trends impacting the IT services sector.

Blackhat SEO: inside fake anti-virus
This paper provides insight into where FakeAV (or scareware) comes from, what happens when a system is infected, and how users can protect themselves.

poll

Two-horse race?

Two-horse race?

Can HP challenge Cisco's dominance in the networking arena?

View poll results

cloud computing

CRN Chatroom: Embracing the Cloud in the Channel

This CRN Chatroom, in association with IBM, looks at the impact of cloud computing on the channel and the benefits it can offer to resellers

David Hobson

In the Studio with CRN: VARs lift lid on ADSI

CRN finds out more about the UK IT security channel's first governing body

More CRN TV

events

virtual datacentre

CRN Briefing: Demystifying virtualisation and the datacentre

Join CRN at this exclusive briefing event taking place on Thursday 5 August, in association with Ingram Micro and Cisco.

CRN Golf Challenge 2010

Join us at the exclusive Foxhills Golf Course on Tuesday 7th September for the eighth annual golf challenge

More Events

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Primary Navigation