Digital Cruft is Just as Bad as It Sounds

Clutter is a part of life, but one place you absolutely don’t want it is your business’ network. This clutter is called “digital cruft,” which 1) is an actual word, and 2) creates serious problems if you let it accumulate. Your digital cruft can lead to significant vulnerabilities that put your network at risk.

Explaining the Cruft

Digital cruft refers to the debris that builds up as a byproduct of conducting business. This includes the following:

• Active user accounts - Employees who have come and gone no longer need access to your systems, so why do their permissions exist? These unused credentials could be sitting on your network waiting for a hacker to take advantage of them.
• Old, outdated, unpatched systems - Products and services that you no longer use can also count as cruft. It’s a natural result of conducting business, and if you let it build up, these solutions that are no longer receiving maintenance could become gateways for security breaches.
• Unneeded permissions - If you’ve ever temporarily granted permission or access to employees to certain systems or documents, it’s possible you’ve forgotten to revoke that access. These unneeded permissions create more opportunity for threats.

Notice a pattern here?

Attackers See Opportunity in the Cruft

In many ways, hackers are the same as just about any other person out there. They like simplicity and convenience. If they have the choice between bypassing enterprise-grade security systems or taking advantage of a known vulnerability on your network, chances are they’re going to go the easier route. It just makes sense.

All this digital cruft makes it easy for hackers to gain access to your network through unintentionally created backdoors. All it takes is a breached password, an unpatched line of code in software, or any other unmonitored technology.

Here’s a breakdown of a real-life example that shows just how easy this can be to pull off:

• An employee—let’s call him Bill—reused his work password for a random app that hasn’t been updated since its initial release. The developer of this app suffers a data breach that exposes Bill’s information, including his name, address, password, and social media profiles. That password can be used to break into your network.
• The attacker scans the Internet and discovers popular legacy software—software that could be found on your business’ server. There’s an unpatched vulnerability on this app, and they’re able to exploit it as a result.
• Bill then falls for a phishing email, basically handing the hacker access to his business account on a silver platter. The hacker then finds they have access to all the solutions Bill has access to, including your accounting department’s information. The hacker can then steal data, edit ledgers, and generally cause problems for your organization.

Don’t Let Cruft Ruin Your Business

Similar to dust, cruft will always return given enough time, so you need to be careful about minimizing it and keeping it from accumulating.

Accucom can go through your business’ network and address any cruft that remains. We’ll conduct a comprehensive inventory of your systems, which tools your team uses, and take note of what they don’t. We’ll even conduct an investigation into permissions to see what is and isn’t necessary, all to protect your assets. To learn more, call us at (02) 8825-5555.