When a Good Update Goes Bad
- How do you ensure that your data and your customer’s data remains secure in our ever-evolving technical landscape?
- How do you know exactly where you are on your path to better cyber health?
- How do you know that you have the right tools in your cybersecurity tool chest and that your automatic updates aren’t leaving openings for a breach?
MEET YOUR PEER
A leading luxury hospitality and real estate group
that with a broad range of properties and elite services
that struggles to balance the need to reduce overhead in the
pandemic climate with the need to protect company data.
Knowing the Unknowns in Real Time
Leads to Quick Detection & Risk Mitigation
for International Conglomerate
- RealHome owns a total portfolio of $5.8 billion, comprised of a small number of ultra-luxury hotels, strategic real estate assets, and tourism assets, and its businesses are grouped under three divisions: hotels, commercial properties, and clubs and services.
- RealHome provides five-star hospitality in an ever-shrinking tourism climate due to the Covid-19 pandemic.
- RealHome has both a broad and deep data cache containing not only corporate assets but client data in each of their spheres of business that needs protecting.
In engaging with RealHome, we saw quickly that because of the wide array of products and services provided across a multinational background, that a full Security and Risk Assessment would need to be conducted immediately. This assessment would show exactly where RealHome was in terms of their overall cyber risk and what the company was facing in real-time.
Our goal was to first locate where RealHome was on the proverbial cyber risk map to quickly and extensively identify the lack of controls that allowed for vulnerabilities across each sector of their business.
Just prior to the beginning of our tenure with RealHome, RealHome performed a scheduled update of their system, but in doing this, their security settings reverted to old configurations.
- RealHome‘s IT team was unaware that this reversion was a byproduct of this software update. Executing our Security And Risk Assessment (SARA) alerted RealHome to this and allowed for them to go back in and correct the reversions manually after installing the latest update.
- Unfortunately, this is a common point of weakness, as many IT professionals are unaware that reverting to old security settings is even possible in typical automatic updates.
- We recommended to RealHome that they run our penetration test before and after an update as our system can pinpoint the exact reversions promptly to allow for immediate correction and protection.
- This is another example of how our system can be implemented to identify vulnerabilities in the networks and server device configurations.
When an Objective & Unbiased Assessment Gets Key Results
In running the initial assessment, we demonstrated how SARA is conducted in much less time and with minimal resources from RealHome‘s team. In this assessment, SARA was able to glean all the details from metadata to identify vulnerabilities, potential procedural issues with users’ accessibilities, and how the new configuration settings from the most recent update synched successfully with their system’s infrastructure and internal controls — and exactly where it did not.
SARA was also able to assess the majority of technical solutions against the industry best practice recommendations and find potential vulnerabilities with signature AND signature-less (Zero Days) malware to enhance cyber hygiene.
Lastly, in executing our testing automatically through SARA, we provided RealHome with not only all possible breach points but also a step-by-step process on how to repair each weak spot. This eliminated the added time of interpretation from the Stakeholders, to them arrive at a mutually beneficial solution for each breach point.
In one streamline system we ran the penetration test, found the weak spots, and provided a step-by-step guide for each of the stakeholders to repair current breach points and eliminated the possibility of similar breaches in the future – all within about one week.