HP Access Control Client Software manual Types of Attacks

Customer Needs Assessment

Vulnerability to Attacks

Many insider attacks occur without the knowledge of the user. A user may log in to the network with an infected workstation or an unpatched workstation that is vulnerable to infections. Laptops are particularly problematic because they are mobile and often plug into other networks, both public and private. Consequently, laptops have a higher risk of infection—and of spreading the infection in your network.

In addition, laptops are more difficult to track and manage: they may not be connected to the network when the IT department applies patches or updates software.

You cannot always count on users to do their part to protect their endpoint and by extension the network. All too often, users change the settings on their endpoints. They may disable their virus-protection software because it incon- veniences them, or they may not update it as required by the company. Users may also lower the security settings on their Internet browser to visit unsafe Web sites or use unsafe applications.

In addition, users—unintentionally or intentionally—accept unsafe traffic over the Internet. For example, a user might unknowingly download a Trojan, a seemingly innocent application actually intended to cause harm.

Endpoint integrity solutions reduce these types of infections by testing work- stations before they attach to the network. These tests ensure that the work- station is free from infection, running the current patches, and configured with the security settings required by the company.

Although many problems are caused by ignorance, carelessness, or indiffer- ence, some employees may deliberately try to access confidential information on the network to steal confidential data or just to wreak havoc. Your access controls should allow users to access only the information for which they have security clearance. Don’t grant them extra rights so that they have more network privileges than they need.

In addition, you should have the capability of immediately severing network access when an employee resigns or is asked to leave the company. If network access for disgruntled former employees remains enabled, they can steal confidential information, destroy it, or modify it.

Types of Attacks

You should also understand the types of attacks that are potential threats to your network. Despite the fact that almost all companies run anti-virus software, malware, viruses, and worms continue to plague company networks.

2-20