Courtesy navigation

Would you lay out the welcome mat for hackers?

Would you lay out the welcome mat for hackers?

September 19, 2011 by Steve Nice

Two hackers sitting at a computer

Would you be happy setting a hacker loose? (Image: John.E.Robertson on Flickr.)

The idea of willingly inviting hackers to break into your company website or server may seem odd. However, if the intentions of the hacker are good and they don’t intend to use what they find to exploit your business, it can be an effective way to identify and seal up weaknesses in your IT security.

White-hat hacking hits the news

The practice of ‘white-hat hacking’ hit the news recently with the launch of Facebook’s Bug Bounty programme. This offers rewards to people who find and report holes in Facebook’s security.

In the first three weeks of the project, Facebook paid out over £24,000. They obviously reckon the cost of the programme is significantly less than the potential loss they could suffer if sensitive data were to fall into the wrong hands.

Inviting hackers to your business

If you’re not a company with the size and status of Facebook, it’s probably not a good idea simply to announce in public that you’d like people to try to break into your site. That could invite all kinds of problems.

However, you can enlist the help of a professional ‘ethical hacker’ to help test your security.

The best of these will hold Ethical Hacker Certification from the International Council of Electronic Commerce Consultants. This ensures your chosen hacker is a skilled professional, who uses the same knowledge, techniques and tools as a malicious hacker.

They will know how to probe for weaknesses and vulnerabilities in your systems. And you’ll know that they have signed up to an ethical code that means they can be trusted with your data.

Would you be willing to put your website to that sort of test?

Steve Nice is technical director at ForLinux, an open source hosting and Linux solutions provider.

Write for the IT Blog

Posted in IT security | 0 comments

Comments

Add a comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <p>
  • Lines and paragraphs break automatically.
  • Links to specified hosts will have a rel="nofollow" added to them.

When you click 'Register' to create a new account, you accept our terms of service and privacy policy