Security should not be considered exclusively within the context of one’s own organization and environment; it is just as important to consider how your customers reach your systems. We all take things for granted and sometimes do not realise certain shortcomings until we come face to face with them.
Recently I ended up facing a security scenario which made me realise how non-security-minded people would have been put in grave danger. It all started with my home ISP. Like many other ISPs it provides a webmail service for people who wish to access their email via the web. Unfortunately they decided to run their webmail on a regular HTTP connection and not on a secure connection. With regard to accessing an insecure webmail from home, it’s not a major issue, since the only security weakness in such a scenario would be a sniffer running at my ISP. If someone was able to install a sniffer at an ISP it would imply that he could in all likelihood get access to the actual mail server directly. When considering access from locations away from home, however, the story changes drastically.
Recently I was on a cruise liner which didn’t have many options with regard to connecting to the internet; the only viable option was a satellite connection. I was presented with my ISP’s webmail login page over an unsecured web connection going through a satellite link. This was as big a security risk as I could face under the circumstances and obviously a hugely bad idea. I had no idea if the satellite connection itself was encrypted, especially since in most cases, for technical reasons, they are not. Logging in under such circumstances I would essentially be broadcasting the login and password I use for my email over a whole continent. Anyone with a cheap satellite card capturing all traffic on that channel at that time would get access to my credentials as well as the location where those credentials apply.
The issue isn’t limited to satellite connections; anyone trying to access the webmail through any public connection, be it an internet cafe or an open wireless network, will be exposing their credentials as well.
In short, it is essential for an administrator to think about how users (both internal and external to the company) will be accessing any of the company’s services. If your website at any stage asks for credentials, make sure they are only ever sent over an encrypted (HTTPS) link, and that the login page itself is served over HTTPS: a login form delivered over plain HTTP can be rewritten in transit, so securing the form’s submission URL alone is not enough. Always assume that the link between the customer and your system is compromised and act accordingly. If on the other hand you’re a user, let this be a cautionary tale. Whenever you are about to enter credentials or any other confidential information, stop and think. Is the data you are about to submit going to be sent in plain text or encrypted, and is the pipe transporting that data secure or could it be compromised? Decide and act accordingly. Do not be tempted to just go ahead and access the service regardless of the risk; one mistake can cause a lifetime of pain.
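As an added example (not part of the original post, and not tooling from the ISP in question), the following Python script performs the check an administrator or a cautious user would want to run against a login page before trusting it: it parses the page for forms containing a password field, resolves where each such form submits, and reports whether the page, the submission URL, or the missing HSTS header would let credentials travel over plain HTTP. The webmail HTML, the hostname webmail.example.net and the response headers below are constructed for illustration.

```python
"""Report how a login page could expose credentials over an unencrypted link.

Added example, not the original author's code. It works entirely offline on a
page URL, the page body and its response headers; the sample page and headers
at the bottom are constructed for illustration.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormCollector(HTMLParser):
    """Collect every <form> and note whether it contains a password field."""

    def __init__(self):
        super().__init__()
        self.forms = []        # each entry: {"action": str, "has_password": bool}
        self._current = None   # form currently being parsed, if any

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)        # attribute values may be None for bare attributes
        if tag == "form":
            self._current = {"action": a.get("action") or "", "has_password": False}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if (a.get("type") or "").lower() == "password":
                self._current["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def credential_exposure_findings(page_url, html, headers):
    """Return a list of human-readable findings; an empty list means no issue found.

    page_url: the URL the page was actually loaded from
    html:     the page body
    headers:  the response headers (any capitalisation)
    """
    findings = []
    hdrs = {k.lower(): v for k, v in headers.items()}
    page_scheme = urlsplit(page_url).scheme.lower()

    parser = _FormCollector()
    parser.feed(html)
    login_forms = [f for f in parser.forms if f["has_password"]]

    for form in login_forms:
        # An empty action submits back to the page URL itself; a relative
        # action inherits the page's scheme, so the page being http matters.
        target = urljoin(page_url, form["action"]) if form["action"] else page_url
        scheme = urlsplit(target).scheme.lower()
        if scheme != "https":
            findings.append(f"password form submits over {scheme or 'unknown'} to {target}")

    if login_forms and page_scheme != "https":
        # Even an https form action is worthless if the form itself arrived
        # over http: an on-path attacker can rewrite the action before it renders.
        findings.append(f"login page served over {page_scheme}; form action can be rewritten in transit")

    if page_scheme == "https" and "strict-transport-security" not in hdrs:
        findings.append("no Strict-Transport-Security header; a first visit can still be downgraded to http")

    return findings


# Constructed sample: a typical ISP webmail login form with a relative action.
ISP_WEBMAIL_HTML = """
<html><body>
<form method="post" action="/login">
  <input name="user">
  <input type="password" name="pass">
  <input type="submit" value="Log in">
</form>
</body></html>
"""


def demo():
    """Run the check against the same form served insecurely and securely."""
    insecure = credential_exposure_findings(
        "http://webmail.example.net/", ISP_WEBMAIL_HTML, {"Content-Type": "text/html"})
    secure = credential_exposure_findings(
        "https://webmail.example.net/", ISP_WEBMAIL_HTML,
        {"Content-Type": "text/html", "Strict-Transport-Security": "max-age=31536000"})
    return insecure, secure


if __name__ == "__main__":
    for label, result in zip(("insecure", "secure"), demo()):
        print(label, result or ["no findings"])
```

Note that the check deliberately treats a page served over HTTP as a finding even when the form's action points at an HTTPS URL, because the form markup itself crossed the untrusted link and could have been altered; the HSTS check covers the remaining window where a user types the hostname without a scheme and the browser's first request goes out over plain HTTP.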