Why Enterprise Applications Are Weak When It Comes To Security

One of the things that has crept up into more and more peoples lives is the use of the computer when they are at work.

Most jobs that are considered “inside jobs” or “white collar jobs” are going to most likely make heavy use of the computer.

And it is increasingly becoming more than just using the Word document editor and your email account.

There are hundreds of little custom programs that are being made by programmers for intranet use only.

The Difference Between Intranet And Internet

When I say intranet, I am talking about something that is different from the internet.

While the internet stands for access with the whole world, an intranet is only a network that is used for a small subset of people.

Usually when we speak about an intranet, we are talking about the applications and web sites that you can only see while you are at work.

They are custom applications that are built for work use only and they usually never face the outside world.

There has been a recent study on corporate intranets, that says most of the security in the actual applications, are very weak.

When people in the corporate world think of security, they usually think of the actual network itself.

They do not think about the applications that are being used inside of the network.

Many Intranets Lack Even Basic Security

While the network has a wall of firewalls protecting it, even the most minor security practices are not being used in the internal applications.

The developers feel as if these applications will never be used for outside uses, so it does not have to go through the same rigor of testing that an application that was available for the public would have to go through.

But they are wrong on so many levels.

A lot of these applications, while being only used by people on the inside of an intranet, are actually connecting to the outside internet with the use of some of their features.

And if you are letting an application reach the internet, then you are introducing a whole lot of problems to your work space.

If someone has an attachment that sends emails to one of the applications, then this is a perfect vector of attack to a black hat hacker that knows a little bit about your organization.

Normal network security focuses on people who would try to attack the network from the outside.

With programs on the intranet that access the outside world, the hackers now have there perfect opening.

They can use your own weapons against you.

So when you create an application that is supposed to be used for intranet use only, make sure that you run it through the same procedures that you would on a program that was meant for the public.

Black Hat Hackers will use any kind of hole that they can, to get inside of your network.

An internal application is just a tip of the iceberg.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind