Schools Are Open

   As the spring semester at most schools wind down, a recent survey reveals that schools are too open when it comes to security.  According to WhiteHat Security's 11th Annual Web Site Security Statistics Report, educational institutions are the worst at leaving their Web sites exposed to known vulnerabilities.  Over 7 out of 10 schools have unpatched software vulnerabilities on their Web servers, followed by 58% of social networking sites.  Yet only 14% of health care organizations and 16% of banks have unpatched vulnerabilities (the average for all business types was 44%).  Attacks that take advantage of these vulnerabilities include cross-site scripting and SQL injection {Chapter 3 Security+ 3ed}.  Banks are also the best at fixing vulnerabilities once they are identified.  Over half of their vulnerabilities are fixed within 13 days, while telecommunication Web sites are in last place, taking 205 days to fix half of its Web site vulnerabilities (the average across all businesses is 116 days).

   You can read the report at https://www.whitehatsec.com/resource/stats.html.

   Stay secure!

http://community.cengage.com/infosec