Among all of the buzzwords being thrown about today in Cybersecurity, we don’t often hear the word “Legacy”. But old systems that still reside in an IT and Network Infrastructure can pose very serious threats.
Many people may think that this is not true, but it is quite the contrary. As much as the Cyberattacker wants the new stuff, they will also be happy with the old stuff. For example, they can put together bits and pieces of stolen information and data to create a profile on an unsuspecting victim.
From here, ID Thefts can then be launched at a subsequent point in time. But there are different categories of “Legacy” you need to be aware of, and they are as follows:
1) Legacy Accounts:
These can be defined as follows:
“Legacy identities are accounts that exist in an organization's identity store despite no longer being needed.”
The security issues are that these dead accounts simply add more bloat and take up more storage. The best way to identify and remove these accounts is to conduct regular audits (as often as monthly) to make sure that no such accounts actually exist. If they do, simply delete all traces of them.
Also, if an employee leaves a company and their Legacy Account still exists, they could still log in and create quite a bit of havoc, which is something you don’t need.
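One way to run the regular audit described above, as an added example that is not part of the original post: it compares an identity-store export against the list of current employees and reports every account that looks like a legacy identity, with the reason. The CSV columns, the 90-day idle threshold and the sample records are assumptions constructed for this example.

```python
import csv
import io
from datetime import date, timedelta

# Constructed sample data: an identity-store export and the HR list of
# current staff. Column names are assumptions made for this example.
ACCOUNTS_CSV = """username,owner_id,enabled,last_login
asmith,E100,true,2024-05-28
bjones,E101,true,2023-11-02
cdavis,E102,true,2024-05-30
svc_backup,,true,
dlee,E103,false,2022-01-15
"""
ACTIVE_EMPLOYEE_IDS = {"E100", "E101", "E103"}  # E102 has left the company


def find_legacy_accounts(accounts_csv, active_ids, today, max_idle_days=90):
    """Return {username: [reasons]} for accounts that look like legacy identities."""
    cutoff = today - timedelta(days=max_idle_days)
    findings = {}
    for row in csv.DictReader(io.StringIO(accounts_csv)):
        reasons = []
        enabled = row["enabled"].strip().lower() == "true"
        owner = row["owner_id"].strip()
        if not owner:
            reasons.append("no owner on record")
        elif owner not in active_ids:
            reasons.append("owner no longer employed")
        last = row["last_login"].strip()
        if not last:
            reasons.append("never logged in")
        elif date.fromisoformat(last) < cutoff:
            reasons.append(f"idle since {last}")
        # A disabled account cannot be used to log in, but it is still a
        # trace left in the store, so report it for deletion as well.
        if not enabled:
            reasons.append("disabled but not deleted")
        if reasons:
            findings[row["username"]] = reasons
    return findings


if __name__ == "__main__":
    report = find_legacy_accounts(ACCOUNTS_CSV, ACTIVE_EMPLOYEE_IDS, date(2024, 6, 1))
    for user, reasons in sorted(report.items()):
        print(f"{user}: {'; '.join(reasons)}")
```

Accounts with no owner on record, such as service accounts, are reported rather than deleted automatically so that someone can confirm whether they are still needed.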
2) Legacy Data:
This can be defined as follows:
“Legacy data is any data an organization stores that is outdated or obsolete — that is, it has outlived its usefulness.”
However, deciding what is needed and what is not can be tricky. Many companies are required to keep archived data for a certain period of time, such as accountants and the tax returns of their clients. There are other risks as well, such as not providing an adequate amount of protection to these kinds of datasets. If your business is not bound to such a timeframe, the best advice here is to simply delete the old data that you don’t need. This will not only help reduce the bloat that it creates, but it will also decrease the attack surface.
3) Legacy Processes:
This can be defined as follows:
“Processes and procedures that are not kept up to date through regular review and practice should be deemed as legacy.”
These kinds of systems are often found with On Prem Infrastructures. In fact, the most common place where you will find Legacy Systems is with our Federal Government. For example, many branches still use mainframe technology along with JCL and COBOL, and many others, while updated some time ago, are still using unsupported versions of Windows. They are also common with our nation’s Critical Infrastructure, because many of them still use outdated ICS and SCADA systems. But unfortunately, you simply cannot rip out old pieces and put in new ones. Many companies are still dependent upon using them, and doing so would not only be disruptive to them, but it could also be disruptive to our nation as well. The best piece of advice here to mitigate any kind of Cybersecurity risks is to start thinking about how best you can replace the older technologies, a bit at a time. But if you are a tech company, the answer is pretty easy to guess: Move to the Cloud, and that way, your processes will be kept up to date all of the time.
My Thoughts On This:
As far as possible, you will always want to get rid of old stuff, especially when it comes to data. The data privacy laws have become quite strict about this, such as the GDPR, CCPA, and HIPAA. In fact, if you keep old information and data when it is not needed, this could open you up to a wide-scale audit, which is something you want to avoid at all costs.
For more information about Legacy Systems, click on the link below:
https://www.darkreading.com/vulnerabilities-threats/prevention-is-the-only-cure-the-dangers-of-legacy-systems