Improperly Executed Multi-Factor Authentication

The most surprising chink in the BMDS infrastructure is the lack of multi-factor authentication. It’s not that that the system isn’t set up for multi-factor authentication. It is. New workers are issued with password-protected accounts and access cards. However, most users never enabled multi-factor authentication for their accounts, and one site’s network hadn’t been configured to use it. Without multi-factor authentication, networks are at risk of compromise via phishing or network attacks.

Improperly Maintained Systems

I don’t imagine readers will be surprised by the next problem: unpatched vulnerabilities. According to the report, “Investigators found that systems were not patched for vulnerabilities discovered and fixed in 2016, 2013, and even going as far as back as 1990.” The Equifax data leak happened because the company failed to patch a web server for a vulnerability that had been discovered several months earlier. That’s bad, but failing to patch an almost thirty-year-old vulnerability in systems connected to ballistic missile defense infrastructure is on another level altogether.

The report also highlighted problems with physical security and access controls.

“facility security officers did not consistently implement physical security controls to limit unauthorized access to facilities that managed BMDS technical information.”

How to Protect Your Data

What would it take for a server-hosting customer to achieve better security than the Ballistic Missile Defence System? It’s easier than you might hope: host your servers in ServerMania’s secure data centers and take advantage of our managed services.

Servers hosted in a secure data center are protected from a plethora of physical and natural threats. All of our data centers provide round-the-clock security presence, CCTV surveillance and biometric access controls. These facilities are also located in areas that are not prone to natural disasters, and feature state of the art fire suppression and emergency power generators.

ServerMania’s Empowered managed service tier includes proactive security patching, weekly security scans, and port monitoring. All modern content management systems and eCommerce applications can take advantage of multi-factor authentication.

If you want to be more secure than the Ballistic Missile Defence System, choose a server hosting provider who cares about the security of your servers and the privacy of your data.