As the name clearly says- review of your device’s configuration for absolute secured network and IT infrastructure and its working. Improper security configuration is one of the most neglected risks to your technology initiatives. If you leave your devices unsecured, bad actors can find vulnerable points easily. Let’s understand this better, we buy a house, we get the best of high end electronics, the furniture, luxury fittings. We now start living in that house without reviewing that our security and lock systems are in sync with 360 degree protection such as:

• Are keys to the home entrance with trusted people?
• Is the configuration to lock security working?
• Are the security cameras installed in the home and around well connected?
• Is our kitchen only equipped with safe high end electronics or even safely connected?
• Are the kids safe when alone in the house or all of you at night while sleeping or a stranger has an easy access?

These are the things we need to think and ensure as soon as we have our dream house ready……similar is the case in Cyber world. Security Configuration Review is an exercise conducted by the cyber experts to check whether the IT department of a company is vulnerable or easily accessible, if the technology used by a company for its facility, growth and security is safe or it can be played with.

If a hacker or an insider can access your system via insecure configuration, they could:

• Steal data. Attackers frequently steal sensitive client data like email addresses, passwords or credit card numbers.
• Infect your servers. Compromised servers are often used to host spam-bots or other types of malware.
• Abuse the trust your users have in web servers or other enterprise applications.

Securing your software settings and configurations depends on understanding your software and enforcing best practices through good process management, and a regular security configuration review.