An overview of web security

Everything you ever wanted to know about web security in one single infographic: link. Includes 20 essential tips for effective protection against cyberattacks!

Published in: Technology


Data presented and consolidated by BeeWare.

Major Web Security Risks

From a User Perspective:
  • 60% of people use the same password across multiple sites
  • 55% of companies are concerned with identity theft
  • 49% of users do not use complex passwords or do not change them regularly

From a Company Perspective:
  • 8/10 websites have serious vulnerabilities
  • Figures shown on the infographic, in extraction order (their pairing with the statements below is not recoverable from the text): 73%, 90%, 30%, 99%, 42%
  • ...of organizations have been hacked at least once through insecure web applications
  • ...of detected hacking incidents are never disclosed to the general public
  • ...of the hacked organizations already knew their vulnerability
  • ...of logs are reviewed or monitored only when alerts are raised
  • ...of intrusions result from the exploitation of known vulnerabilities

Security Policy:
  • 35% of organizations do not have a formal documented security policy in place

Cloud & SaaS:
"The potential security risks introduced by cloud computing and SaaS far outweigh the benefits"
  • Agree: 45%
  • Disagree: 22%
  • Neutral: 33%

Security Challenges

The most frequently quoted challenges:
  • Increasing volume of threats and/or attacks: 63%
  • Increasing sophistication of attacks: 61%
  • Complexity of security solutions: 53%

The most important challenges over the next 12 months (figures shown: 64%, 60%):
  • Difficulty in securing web applications
  • Web 2.0 use by employees

Consequences

  • Total estimated cost of cybercriminality: up to $1 trillion a year
  • Identity theft generates $1 billion per year
  • The cost related to data loss and theft in France is approximately $2,86 million per "incident"
  • Online fraud cost totaled $3.5 billion in 2012 for e-retailers

20 tips

On the User Side:
  1. Do not use personal information in passwords
  2. Use different passwords for your various accounts
  3. Set up 2-factor authentication whenever possible
  4. Do not use public computers or personal smartphones to access corporate sensitive data

On the Server Side:
  5. Use the root account only when necessary
  6. Use private networks for internal server traffic whenever possible
  7. Log every admin access with a timestamp and the name of every user
  8. Monitor web traffic for any unusual traffic or activity
  9. Run local and remote security scans on a regular basis
  10. Test out your backups

On the Application Side:
  11. Secure all web administration domains with the SSL protocol (HTTPS)
  12. Do not settle for the default configuration of accounts and profiles in network and security products
  13. Delete all default accounts from your IT products
  14. Adjust your security policies to the criticality of the information
  15. Apply fixes and updates to your web applications and infrastructure frequently and regularly
  16. Do not trust HTTP referrers (too easy to forge)
  17. Use a web application firewall specifically configured for your environment
  18. Secure web application admin zones by restricting authorized IP addresses
  19. Validate data entry on the server side (rather than the client)
  20. Reduce information disclosure by changing Apache ServerTokens and by creating secure error messages

Sources: BeeWare, Economie et Société, IDC, Infographics Mania, Internet Retailer, IVIZ, Les Echos, McAfee, OpinionWay, OWASP, Ponemon Institute, SANS Institute, UNODC, WhiteHat.

About BeeWare: BeeWare is a European provider of solutions for security and availability of Web applications. BeeWare's i-Suite solution provides organizations of all sizes with the means to fight the growing threats that can impact their activity while ensuring optimum quality of service and performance.

Copyright BeeWare 2013. For more information: www.bee-ware.net/en
