SAN FRANCISCO, CA -- October 25, 2012 -- nCircle, the leader in information risk and security performance management, today announced the results of the company's "The Devil in the Defaults" study. In the study, over 100 small to mid-sized business IT professionals were asked how their companies handled five insecure network configurations that nCircle professionals state should be turned off: SNMP default community strings, SSHv1, SSLv2, Telnet and weak TLS ciphers.
Key findings from the study include:
61% of respondents were either unaware of SNMP default community strings on their network or say their business is required to run it.
58% of respondents were either unaware of SSHv1 on their network or say their business is required to run it.
64% of respondents were either unaware of SSLv2 on their networks or say their business is required to run it.
38% of respondents say their business is required to run Telnet.
67% of respondents say they were either unaware of weak TLS ciphers on their networks or say their business is required to run it.
"The only plausible reason to run Telnet is because a business partner requires it. In that case, IT professionals need to push aggressively to find another partner. There's just no way to make Telnet secure," said Andrew Storms, director of IT and security operations for nCircle. "It's also discouraging to see so many small businesses that aren't sure if they have insecure settings on their networks, since we know hackers are targeting these businesses aggressively."
The study was conducted online and through webinars between September 18 and October 18, 2012. To view the complete study, please visit: http://www.ncircle.com/index.php?s=resources_surveys_Devil-is-in-the-Defaults-2012.
nCircle is the leading provider of information risk and security performance management solutions to more than 6,500 businesses and government agencies worldwide. nCircle solutions enable enterprises of all sizes to (1) automate compliance and reduce risk, and (2) measure and compare the performance of their IT security program with their own goals and industry peers. nCircle solutions may be deployed on a customer's premises, as a cloud-based service, or in combination, for maximum flexibility and value.
nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. To learn how you can more effectively protect your company visit us at http://www.ncircle.com.