The earliest internet protocols were designed without security in mind. Later versions of these protocols were developed to include secure communication technologies. For example, Hypertext Transfer Protocol (HTTP) transmits communication in plaintext, but HTTPS (Secure) encrypts the communication in transit. It is best practice to default to secure protocols in any network communication.
Open Permissions refers to a weak host configuration in which access permissions for files, data, or applications are too permissive and don’t follow a security principle such as Least Privilege.
Unsecured root accounts are an example of an open-permissions weakness in host configuration, in which root, admin, or superuser accounts are vulnerable to takeover by an adversary.
Most computer devices and software, when initially purchased or installed, are configured with default settings, which are typically not secure. It is good practice to configure a system’s security settings rather than relying on the defaults.
Open Ports and Services refers to the bad security practice of leaving unused ports and services turned on and listening on a networked device.
Servers and other networked devices with open ports and services are considered weak network configurations. Leaving ports and services unnecessarily open increases the overall attack surface and increases vulnerabilities to attack.
It is best practice to ensure strong encryption is implemented in network communication and data storage. Many of the older security protocols, and/or the encryption algorithms they use, are no longer secure because they have been broken. When configuring security protocols and encryption, use the strongest protocol/algorithm combination available to prevent easy compromise.
Error messages that reveal too much, or that return raw, unformatted data, can be part of a weak configuration. Error messages should fail “gracefully” without revealing sensitive data or too much information about the systems and software used by an organization.
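As an added example (not from the original page), the following Python audit gathers the weak-configuration patterns described above into one check; the HostConfig class, the audit function and the sample values are constructed for illustration and are not tied to any product.

```python
from dataclasses import dataclass
# Constructed example (not from the original page): audit a host configuration
# against the weak-configuration patterns described above.
INSECURE_SCHEMES = {"http", "ftp", "telnet"}                  # plaintext protocols
WEAK_TLS = {"SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1"}           # broken/deprecated
DEFAULT_CREDENTIALS = {("admin", "admin"), ("root", "toor")}  # placeholder defaults

@dataclass
class HostConfig:
    service_urls: list        # URLs the host exposes or calls
    listening_ports: dict     # port -> service name found listening
    required_ports: set       # ports the host's role actually needs
    tls_versions: set         # protocol versions enabled
    credentials: list         # (username, password) pairs configured
    file_modes: dict          # path -> POSIX mode bits
    debug_errors: bool        # stack traces shown to clients?
    root_login_enabled: bool  # direct root/superuser login permitted?

def audit(cfg: HostConfig) -> list:
    """Return one finding string per weak-configuration pattern detected."""
    findings = []
    for url in cfg.service_urls:
        if url.split("://", 1)[0].lower() in INSECURE_SCHEMES:
            findings.append(f"insecure protocol: {url}")
    for port, svc in cfg.listening_ports.items():
        if port not in cfg.required_ports:
            findings.append(f"unneeded open port {port} ({svc})")
    for ver in sorted(cfg.tls_versions & WEAK_TLS):
        findings.append(f"weak protocol enabled: {ver}")
    for user, pw in cfg.credentials:
        if (user, pw) in DEFAULT_CREDENTIALS:
            findings.append(f"default credentials still set for '{user}'")
    for path, mode in cfg.file_modes.items():
        if mode & 0o002:  # world-writable bit set
            findings.append(f"open permissions: {path} is world-writable")
    if cfg.debug_errors:
        findings.append("verbose error messages exposed to clients")
    if cfg.root_login_enabled:
        findings.append("direct root login enabled")
    return findings

# Constructed sample host exhibiting several weaknesses at once.
SAMPLE = HostConfig(
    service_urls=["http://intranet.example/api", "https://intranet.example/"],
    listening_ports={22: "ssh", 443: "https", 21: "ftp"},
    required_ports={22, 443}, tls_versions={"TLSv1.0", "TLSv1.2"},
    credentials=[("admin", "admin"), ("svc_backup", "long-random-secret")],
    file_modes={"/etc/app/config.yml": 0o666, "/etc/app/secret.key": 0o600},
    debug_errors=True, root_login_enabled=False,
)
```

Running audit(SAMPLE) lists six findings, one per weak setting in the sample; a host with only HTTPS, only its required ports, modern TLS, unique credentials, restrictive file modes and generic error pages produces an empty list.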
The principle of least privilege says that applications and users should have only the minimum permissions and access to internal and external system resources required for their function.
Improper patch management includes practices such as not patching vulnerabilities, improper documentation of assets, uneven patch application, removal of patches, etc. Put simply, any practice that leaves an organization’s systems without the latest security updates, or that leaves patching schedules improperly documented, is considered improper patch management.
Patch Management is the practice of regularly updating, fixing, and improving (aka “patching”) firmware, operating systems, and applications in order to prevent attackers from exploiting known vulnerabilities.
A legacy platform is a system, usually an outdated software and/or hardware version, that is no longer updated with patches or supported by its developer. It is effectively unpatchable and can be incredibly vulnerable to attack.
Legacy platforms can be secured from attackers by using security controls, the principle of least privilege, and techniques such as network segmentation or virtualization.
The term on-prem means “on premises”. This refers to technology, storage, and security solutions that are physically present on the premises of an organization rather than in the cloud.
The term cloud-based refers to technology, storage, and security solutions that live in the cloud. This might be used in contrast with “on-prem” solutions that are physically present on-premises.