News Release
Network Infrastructure Not Business Ready
Multiple issues found with configurations, security vulnerabilities and end-of-life status
See also…
Poor network management and basic security vulnerability oversights are leaving organisations open to security attacks,
compliance breaches and operational downtime.
This is one of the key findings in the Network Barometer Report launched today by Dimension Data, the $4.5 billion IT solutions and services provider. Datacraft is a wholly owned
subsidiary of Dimension Data. The Report presents the aggregate data from 152 Secure Network Infrastructure Assessments
(SNIAs) conducted by Dimension Data for organisations around the world during 2008, and provides an overview of
networks’ configuration, security vulnerabilities and device life-cycle status.
The results provide a revealing view into networks and their common problems, errors and obstacles to success:
• 73% of deployed IOS versions have known security vulnerabilities.
• There is an average of 15 security best practice configuration errors per device deployed, despite widely
published and recommended standards.
• 43% of all equipment reviewed has entered the end-of-life cycle, and of this group, 56% is either beyond
end-of-software maintenance or last-day-of-support.
Security vulnerabilities
According to the Report, 73% of networking devices have known security vulnerabilities which expose a business to both
external and internal security attacks and breaches, and which could have significant implications for regulatory
compliance.
Dexter Wee, General Manager, Network Integration of Datacraft Asia says, “Organisations are running with vulnerabilities
they’re probably not aware of. The results also indicate that there’s a lack of process to remediate these
vulnerabilities.”
And that’s not all. For many sectors, non-compliance can result in considerable penalties. For example, merchants may be
excluded from the credit card companies that their business transactions rely on. This means data leaks and compliance
failures, along with natural disasters and market crashes, are issues which should rank high on executives’ risk list.
Configuration errors
The research also showed that an average of 15 security configuration errors were found per device deployed – despite
widely published and recommended standards.
“These results are astounding,” says Wee. “The most basic protection measures against threats which could harm an
organisation, such as access and password configurations, are simply not in place. It’s the functional equivalent to
leaving the doors and windows unlocked when you leave home,” he explains.
Click for big version
End of Life cycle
The Report also reveals that 43% of all equipment reviewed had entered the first end-of-life cycle stage, and of that
group, 56% was beyond either end-of-software maintenance or last-day-of-support. Ageing IT and network assets, depending
on their functions, will become increasingly unsupportable and open to risk, leaving the organisation exposed to
potential availability and mean-time-to-repair risks.
Click for big version
Additional commercial implications arise when an end-of-life device fails and must be replaced. Businesses may then have
to buy expensive technology in compressed timeframes, without the customary due diligence which ought to be applied in
such procurement decisions.
“Today, organisations depend on the functionality, availability and successful management of their IT networks. Indeed,
many companies would simply not function without the technologies that enable their business processes,” says Wee.
“Given this dependency, the basics of keeping networks running and ‘ready for business’ should be a priority for most
organisations.”
“As such, rigorous network asset planning is crucial in working out a roadmap of which technology requires replacing
down the line. This can realise cost savings, streamline processes and improve productivity – all competitive advantages
that are critical to organisations in the current economic climate.”
The Dimension Data Network Barometer Report is attached for your reference. For more information, please go to www.datacraft-asia.com/networkbarometer
*PSIRT = APSIRT is a software vulnerability that has been identified by Cisco’s Product Security Incident Response Team
-Ends-
About Datacraft
Datacraft is a wholly owned subsidiary of Dimension Data plc (LSE:DDT), a US$4.5 billion leading global IT solutions and
services provider. Datacraft operates in over 50 offices across 13 Asia Pacific countries. We help clients plan, build,
support, manage, improve and innovate their IT infrastructures. Datacraft combines an expertise in networking, security,
data centre, storage, Microsoft solutions and contact centre technologies, with advanced skills in consulting,
integration, training and managed services to craft IT solutions for businesses. For more information, please visit www.datacraft-asia.com.
About the Dimension Data Network Barometer Report
The Network Barometer Report presents the aggregate data from 152 Secure Network Infrastructure Assessments (SNIAs)
conducted by Dimension Data for organisations around the world during 2008. The Report provides an overview of networks’
configuration, security vulnerabilities, and device life-cycle status. The Report is also available for download from www.datacraft-asia.com/networkbarometer.
ENDS