Restricting exposure of Insecure Remote Access Protocols will significantly reduce the possibility of an attack on the affected services and other systems left more vulnerable due to exposure. IRAP remediation will also allow ITS to focus resources more deliberately on higher priority security risks.
Risks associated with IRAP
Incidents and issues addressed by IRAP blocking are the most significant benefits. A number of notable IT security incidents have occurred due to exposure of these services to the internet:
- Over the past decade, there have been multiple incidents each year where internet exposure of these services at U-M has been abused to facilitate attacks against other organizations.
- Exposure of these services negatively impacts customer service and consumes ITS resources to deal with preventable problems such as recurring account lockouts, compromised accounts/hosts, etc.
- Exposure of these services consumes a significant amount of expensive IT security resources that could otherwise be more productively and efficiently focused on protecting sensitive and critical U-M assets (NBIS, Splunk, Firewalls, IPS, etc.)