You buy a car and you regularly change the oil and take it in for its mileage-appropriate checkups. Why? Because you don’t want it to die on you on the highway on the way to closing your biggest deal. Well, the same is true for your IT infrastructure – – your servers, desktops, firewalls, switches, wireless access points, etc. – – they all need regular maintenance or they will, per Mr. Murphy and his law, break down at the most inopportune moments.
If you look at all of the high-profile information security incidents over recent years, they have one thing in common – – the breach occurred because of human error. Gone are the days when the attackers brute force their way through the external firewalls and protective systems using advanced “hacking” techniques. It is much easier for the bad guys to just get someone at the victim company to click on a link that contains some malware that exploits a known vulnerability and bang – – they are on the company’s network with control over at least one computer. And, once they have that access, it’s a relatively short, simple walk to having administrative control over many or all of the computers on that network.