Feds Hit Vendor With $350K Settlement in FTP Server Breach
Practice Management Software Firm’s 2018 Incident Affected Nearly 231,000
… Wendell Bobst, senior security consultant at privacy and security consultancy tw-Security, told Information Security Media Group that most of the security incidents he sees involving FTP servers involve weak practices by the operators of the FTP service.
They include the use of generic folders, where one customer can access the files of other customers; passwords that are not changed periodically; the absence of multifactor authentication for all admin functions; and customers failing to notify the FTP service of any change in their personnel with knowledge of the FTP password.
“Stop using FTP and even Secure FTP. Consider using SharePoint/OneDrive or Google Drive, or Dropbox instead,” he advised.
Short of stopping the use of FTP services, Bobst recommends entities take steps to ensure customers have individual FTP folders or areas, require that all admin and privileged users use multifactor authentication for all administrative functions, regularly change all admin and service account passwords that are not protected by multifactor authentication, and conduct periodic customer/user access reviews.
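As an added illustration (not code from the article or from tw-Security), the following access-review script checks an FTP service's account inventory for the four weak practices listed above: folders shared across customers, admin accounts without MFA, stale passwords on accounts not covered by MFA, and accounts belonging to people the customer reports as no longer on staff. The account records, the 90-day rotation interval and the field names are assumptions constructed for the example.

```python
from dataclasses import dataclass

# Assumed rotation interval; the article states no specific number of days.
MAX_PASSWORD_AGE_DAYS = 90


@dataclass
class FtpAccount:
    user: str
    customer: str
    home: str              # folder the account lands in after login
    is_admin: bool
    mfa: bool
    password_age_days: int
    still_employed: bool   # per the customer's latest personnel notification


def review_accounts(accounts):
    """Return (user, finding) pairs for each weak practice found in the inventory."""
    # Map each home folder to the set of customers whose accounts land there.
    customers_by_home = {}
    for acct in accounts:
        customers_by_home.setdefault(acct.home, set()).add(acct.customer)

    findings = []
    for acct in accounts:
        if len(customers_by_home[acct.home]) > 1:
            findings.append((acct.user, f"generic folder {acct.home} shared by multiple customers"))
        if acct.is_admin and not acct.mfa:
            findings.append((acct.user, "admin account without multifactor authentication"))
        if not acct.mfa and acct.password_age_days > MAX_PASSWORD_AGE_DAYS:
            findings.append((acct.user, f"password unchanged for {acct.password_age_days} days and no MFA"))
        if not acct.still_employed:
            findings.append((acct.user, "holder no longer with customer; access should be revoked"))
    return findings


# Constructed sample inventory (hypothetical customers and paths).
SAMPLE_ACCOUNTS = [
    FtpAccount("acme_upload", "Acme", "/ftp/shared", False, False, 30, True),
    FtpAccount("globex_upload", "Globex", "/ftp/shared", False, False, 200, True),
    FtpAccount("initech_upload", "Initech", "/ftp/initech", False, False, 10, True),
    FtpAccount("svc_admin", "provider", "/ftp", True, False, 400, True),
    FtpAccount("initech_former", "Initech", "/ftp/initech", False, True, 5, False),
]

if __name__ == "__main__":
    for user, finding in review_accounts(SAMPLE_ACCOUNTS):
        print(f"{user}: {finding}")
```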
“Unfortunately, organizations protecting PHI have many doors they need to monitor. They need to validate all the legitimate people that need to access various rooms,” he said. “Regular risk analysis and executive support serve as the foundation for a security officer to continually manage and refine the critical practices for each organization.”