Managing Risk – Default Passwords

Share on linkedin
Share on facebook
Share on twitter

It’s common knowledge default passwords are a security risk – especially when the same password is built into hardware from a vendor. Most companies are diligent about changing default passwords as a part of the device-provisioning process, but failure to take this critical step for even a single device can lead to disastrous consequences.

The US and UK governments recently issued a warning that foreign governments were sponsoring cyberattacks aimed at exploiting the vulnerability default passwords create in network infrastructure. This isn’t an isolated occurrence – devices with default passwords are an easy target for hackers since they can then authenticate malicious code and unauthorized devices, thus penetrating your company’s IT environment without your knowledge until it is too late.

Fortunately, this is a vulnerability your IT staff can easily identify with the right tools – closing the door to unauthorized intruders and identifying any rogue devices that may have already penetrated your company’s IT defenses. Virima is one of these right tools (and a leader in this kind of protection), combining robust discovery capabilities with a Configuration Management Database (CMDB) solution to aggregate collected data and robust visualization tools to interpret findings to create actionable insights for decision makers. Here is an overview of how Virima will help you address the default password risk:

Scan

Scan your infrastructure for default passwords on devices from common suppliers. Predefined scans are available for the most common device suppliers that ship products with default credentials.

  • Network Devices – Cisco, Juniper, Arista and Dell and top wireless equipment manufacturers
  • Servers – Dell, HP, IBM and more
  • Operating Systems – Windows, Mac and Linux

Run the scan once or schedule it as part of your continuous monitoring strategy. Define specific IP ranges to ensure both your internal- and external-facing environments are secured. All discovered “open” assets are tagged as “unsecure” in the CMDB for ease of reporting.

Analyze

Convert the discovered data into actionable insights to drive improvements. Informed decisions lead to confident actions.

  • Monitor risk exposure: Total number of assets discovered with default passwords
  • Identify vulnerability targets: List of assets currently with default passwords
  • Track remediation progress: Assets that have had default passwords for more than 30 days
  • Assess provisioning Issues: New assets discovered during the last 30 days with default passwords

Take Action

Customizable alerts and reports provide notifications when a vulnerability is discovered, so your IT staff can act quickly and decisively to mitigate risks to your organization.

  • Send alert emails to administrative staff
  • Create a report of all unsecure devices
  • Integrate scan findings into the CMDB or “Risk Management” dashboards

Hackers know about the opportunities default passwords present to them and the risks they pose to their targets. Don’t fall prey to their malicious intent – take action today. Virima will help you understand your company’s risk exposure and provide you with the information you need to take action to keep your operations and data secure. Learn more about how to make the IT asset security circle unbreakable and why linking assets, configurations and change management is critical by downloading our whitepaper here.

Summary:

Managing Risk – Default Passwords

It’s common knowledge default passwords are a security risk – especially when the same password is built into hardware from a vendor. Most companies are diligent about changing default passwords as a part of the device-provisioning process, but failure to take this critical step for even a single device can lead to disastrous consequences. Scan your infrastructure for default passwords on devices from common suppliers. Predefined scans are available for the most common device suppliers that ship products with default credentials. Convert the discovered data into actionable insights to drive improvements. Informed decisions lead to confident actions. Customizable alerts and reports provide notifications when a vulnerability is discovered, so your IT staff can act quickly and decisively to mitigate risks to your organization.

Share on linkedin
Share on facebook
Share on twitter

Subscribe to Our Newsletter

More to Explore

To understand the business value of service mapping, it’s important to shift to a service delivery mindset, rather than thinking about delivering infrastructure, equipment, software, and applications. Defining services is relatively simple if thought of as the commoditization of what’s…

Service mapping - the area of configuration management that perplexes so many IT professionals, yet that which provides the highest value in Configuration Management Database (CMDB) projects. There are several major reasons IT gets stopped when it comes to service…

The world of service management has changed as technology has shifted from providing tools for administrative support to being fully embedded in the delivery of the business’ core function. There’s a world of difference between using an accounts payable system…

The Configuration Management Database (CMDB) provides a single database that contains information about the enterprise’s assets, both logical and physical. In modern service management platforms, it provides core functionality that is referenced by all of the service management practices, including…

The importance of discovery comes from what it provides to the users of the Configuration Management Data Base (CMDB): trustworthy data and greater speed to value. Without discovery, the CMDB is built by feeds and data entry, which can lead…

There is an old saying that you can’t manage something unless you can measure it. Asset discovery can provide you with accurate and up-to-date data and information about everything you use in IT. You can then develop metrics using the…

Atlanta, Mar 19, 2020 (Issuewire.com)  - Virima Technologies Inc, a provider of CMDB, Discovery, IT Asset Management and IT Service Management (ITAM & ITSM) solutions, today announced that it has recently completed its Service Organization Controls 2 (SOC 2) examination under the Statement…

The most significant ServiceNow CMDB best practice is having a system with data you can trust.  ServiceNow will tell you that your stakeholders will tell you that and IT service management (ITSM) professionals will tell you that.  Achieving high-quality configuration…

CMDB - configuration management database - value potential is undisputed, you need to be careful and not blindly jump into implementation without having a clear plan in place about how this powerful tool will be used within your organization.  Here…

The past decade has introduced a tremendous change in the IT industry.  If you were to compare your IT ecosystem today with how it was ten years ago, you would likely find it hard even to recognize that you’re looking…